URL: https://thedailyblog.co.nz/
Submission Tags: falconsandbox
Submission: On November 30 via api from US — Scanned from DE

Summary

This website contacted 42 IPs in 10 countries across 36 domains to perform 354 HTTP transactions. The main IP is 210.5.53.72, located in New Zealand and belongs to VOYAGERNET-AS-AP Voyager Internet Ltd., NZ. The main domain is thedailyblog.co.nz.
TLS certificate: Issued by R3 on October 27th 2021. Valid for: 3 months.
This is the only time thedailyblog.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
85 210.5.53.72 56030 (VOYAGERNE...)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
26 142.250.186.66 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 1 75.101.226.202 14618 (AMAZON-AES)
1 52.216.101.139 16509 (AMAZON-02)
37 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 42 2a00:1450:400... 15169 (GOOGLE)
1 10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.20.228.67 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
3 14 142.250.185.194 15169 (GOOGLE)
2 4 2.18.234.21 16625 (AKAMAI-AS)
2 3 185.33.221.91 29990 (ASN-APPNEX)
4 138.201.84.244 24940 (HETZNER-AS)
1 4 46.4.10.47 24940 (HETZNER-AS)
2 2 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
2 46.236.13.147 12703 (PULSANT-AS)
1 2 142.250.74.198 15169 (GOOGLE)
1 54.76.176.197 16509 (AMAZON-02)
1 104.92.94.3 16625 (AKAMAI-AS)
19 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.66.248.39 16509 (AMAZON-02)
2 34.247.11.162 16509 (AMAZON-02)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 1 35.156.157.11 16509 (AMAZON-02)
2 2 104.111.215.191 16625 (AKAMAI-AS)
2 35.227.252.103 15169 (GOOGLE)
3 3 185.64.190.78 62713 (AS-PUBMATIC)
2 2 69.173.151.100 26667 (RUBICONPR...)
1 1 52.18.11.109 16509 (AMAZON-02)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
354 42
Apex Domain
Subdomains
Transfer
84 thedailyblog.co.nz
thedailyblog.co.nz
4 MB
63 googlesyndication.com
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
511 KB
59 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
1 MB
50 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
8019191.fls.doubleclick.net
344 KB
28 youtube.com
img.youtube.com
www.youtube.com
1 MB
12 google.com
adservice.google.com
www.google.com
27 KB
11 googletagservices.com
www.googletagservices.com
390 KB
8 redintelligence.net
hal9000.redintelligence.net
hal90002.redintelligence.net
58 KB
7 ampproject.org
cdn.ampproject.org
129 KB
7 googleapis.com
fonts.googleapis.com
5 KB
4 casalemedia.com
dsum-sec.casalemedia.com
4 KB
3 pubmatic.com
image6.pubmatic.com
1 KB
3 webgains.io
analytics.webgains.io
api.webgains.io
51 KB
3 adnxs.com
ib.adnxs.com
3 KB
2 rubiconproject.com
pixel.rubiconproject.com
923 B
2 openx.net
rtb.openx.net
415 B
2 addthis.com
e.dlx.addthis.com
1 KB
2 quantserve.com
cms.quantserve.com
796 B
2 webgains.com
track.webgains.com
5 KB
2 medialead.de
pv.medialead.de
2 KB
2 ytimg.com
i.ytimg.com
94 KB
2 ggpht.com
yt3.ggpht.com
5 KB
2 statcounter.com
secure.statcounter.com
c.statcounter.com
14 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 googletagmanager.com
www.googletagmanager.com
67 KB
1 innovid.com
ag.innovid.com
297 B
1 everesttech.net
pixel.everesttech.net
375 B
1 agkn.com
d.agkn.com
759 B
1 awin1.com
www.awin1.com
704 B
1 ad-server.eu
ad-server.eu
312 B
1 office-partner.de
adv.office-partner.de
1 KB
1 media01.eu
pb.media01.eu
629 B
1 google.de
adservice.google.de
792 B
1 eveningreport.nz
eveningreport.nz
8 KB
1 amazonaws.com
apple-resources.s3.amazonaws.com
15 KB
1 applemediaservices.com
tools.applemediaservices.com
438 B
354 36
Domain Requested by
84 thedailyblog.co.nz thedailyblog.co.nz
42 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
thedailyblog.co.nz
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
26 securepubads.g.doubleclick.net thedailyblog.co.nz
www.googletagservices.com
securepubads.g.doubleclick.net
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
20 www.youtube.com thedailyblog.co.nz
www.youtube.com
17 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
15 encrypted-tbn2.gstatic.com 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
15 pagead2.googlesyndication.com 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
www.gstatic.com
securepubads.g.doubleclick.net
14 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
11 www.gstatic.com www.youtube.com
www.gstatic.com
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
11 www.googletagservices.com thedailyblog.co.nz
securepubads.g.doubleclick.net
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
10 www.google.com 1 redirects securepubads.g.doubleclick.net
www.youtube.com
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
tpc.googlesyndication.com
9 encrypted-tbn0.gstatic.com 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
8 img.youtube.com thedailyblog.co.nz
7 cdn.ampproject.org securepubads.g.doubleclick.net
cdn.ampproject.org
7 fonts.googleapis.com thedailyblog.co.nz
securepubads.g.doubleclick.net
hal90002.redintelligence.net
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
6 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 googleads.g.doubleclick.net www.youtube.com
thedailyblog.co.nz
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
4 encrypted-tbn3.gstatic.com 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
4 hal90002.redintelligence.net 1 redirects 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
hal90002.redintelligence.net
4 hal9000.redintelligence.net 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
hal90002.redintelligence.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
3 image6.pubmatic.com 3 redirects
3 encrypted-tbn1.gstatic.com 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
2 pixel.rubiconproject.com 2 redirects
2 rtb.openx.net 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
2 e.dlx.addthis.com 2 redirects
2 cms.quantserve.com 1 redirects 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
2 api.webgains.io analytics.webgains.io
2 8019191.fls.doubleclick.net 1 redirects thedailyblog.co.nz
2 track.webgains.com thedailyblog.co.nz
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
2 pv.medialead.de 2 redirects
2 i.ytimg.com www.youtube.com
2 yt3.ggpht.com www.youtube.com
2 static.doubleclick.net www.youtube.com
2 adservice.google.com securepubads.g.doubleclick.net
8019191.fls.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com thedailyblog.co.nz
adv.office-partner.de
1 ag.innovid.com 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
1 pixel.everesttech.net 1 redirects
1 d.agkn.com 1 redirects
1 analytics.webgains.io track.webgains.com
1 www.awin1.com 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
1 ad-server.eu 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
1 adv.office-partner.de hal90002.redintelligence.net
1 pb.media01.eu hal90002.redintelligence.net
1 c.statcounter.com secure.statcounter.com
1 secure.statcounter.com thedailyblog.co.nz
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.de securepubads.g.doubleclick.net
1 eveningreport.nz thedailyblog.co.nz
1 apple-resources.s3.amazonaws.com thedailyblog.co.nz
1 tools.applemediaservices.com 1 redirects
354 53
Subject Issuer Validity Valid
thedailyblog.co.nz
R3
2021-10-27 -
2022-01-25
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
eveningreport.nz
R3
2021-11-04 -
2022-02-02
3 months crt.sh
*.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.google.de
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
www.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA
2021-11-06 -
2022-12-06
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
edgestatic.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
redintelligence.net
R3
2021-10-21 -
2022-01-19
3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-05-27 -
2022-05-27
a year crt.sh
adv.office-partner.de
R3
2021-11-07 -
2022-02-05
3 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-20 -
2022-06-20
a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA
2021-06-11 -
2022-06-16
a year crt.sh
*.webgains.io
Amazon
2021-03-12 -
2022-04-10
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018
2020-02-07 -
2022-04-07
2 years crt.sh

This page contains 25 frames:

Primary Page: https://thedailyblog.co.nz/
Frame ID: 3904D789DBBBEAE4D653F9B512CE7BAF
Requests: 130 HTTP requests in this frame

Frame: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 567D3695E3C88ABFF6DA6328C7279279
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/mG3nm_a0D0U
Frame ID: CD208FF8D87624E5AD30F2A88B65C6EC
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8ed-Z847yf1FRFk0gOyiqlsTCJpwFFalP-s-KNFb33T4GfwCIJyWTvo18DxucBfhg--HHObFlUJXZY_TzfFph8F33F9uukYlPueB5SDwkuKDRtP4_koYEWm6DK7g4B8CvnJxTu-WqsNQisy7ZqzUZSsmSnqI1ICYm1fJK0zxkpyt-72Urf1a5B_qfE2GBvdZrVxnOhZy2aVcp1lElpRRWB1OwgCIJqCYpQNk8fW8vzxxnm0serH04Xn1pesQOtjcBc7abdLz4XWrn8BD_e87HZ04mGlGwuDrgOHNQV-MRRfOzWnIfVodxMGZtyETBH7oldIk&sai=AMfl-YQPrIo5y-sBKP_371a941joSCgqXRI34XxZImnlk5erx7ma1f0KqhTB-Qt9boqbQfoAvGthdZWuNQzYD22QZBiJ86u4c62RJRGUc6gPPAJdlD19KDLR8Du6x99VxR1U&sig=Cg0ArKJSzIumhKAL1ruGEAE&uach_m=[UACH]&adurl=
Frame ID: E1414801D428E5C718519A556C63DF1F
Requests: 8 HTTP requests in this frame

Frame: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
Frame ID: C51A4BD7B6CC7098F1C4A6D30DE16292
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnQHqRL-c_NJBAftHB7O53NrOWhpoQGBqC5ydRbQFvgIvu38ugIvR8N1VEAi5xbuQe6ivAt6wk6DR8xRT94IFp7MIF7mBALy51mS64mXRRGKwmsLJ6YT_P5K7YI-5QV4GQWpBT6Oo1NcYOLM5_krwHXsXhm5o-9pFiz5r1HjVbwD4M0rDaQM6E6ZKW4VYZo7ZvcbSswV48PmPgTFuxw7J9L6s_afdISPVER0Cw9ZG80z5V2457uz20zz0c54UUGN93kS4rdoKl7QgjGKVjlkNR-C2VctULNVqRbV2Poo8MR8DOMKTb4DYmzcQ_IQM20yIhtWRwQA&sai=AMfl-YSJuZxmU8R1xPdQczAIyJlhDS8rmmZw_NHHAbO83OxhCWUA3QZb1QJrPVkHlWcRscuO9SYgRGK2bn7_h9mf3Y1_9iEAkj4bNMy1v6TzGdYdqh775Sndk4Y-1LVF-3c&sig=Cg0ArKJSzEw_AcTe4ZwYEAE&uach_m=[UACH]&adurl=
Frame ID: 22737232CACFE155E74008FC4E332049
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: A0E38517C0704C7644E8ACA5C4E98256
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQLMJtXsmgxc3UbgEcTHrJJAxwvPyyuVJwFL8kgJ3L07esmMuZJiPQaPa6Vv-jCq7Qah4E_36isBecvfT0MA41POHjr8mhE0M4QLcByq6y6olI8k5JIi9Je3GB4YyuyTi3CVf-ZUT6BOCy1G3ncCBHvrTEzUOpzIACFr1aPRED9DCGFEtuzu4jHM9sSblf9jIxm0hEFY-IAouoBRLkpCHeE7_r2gqE3fSBhqh4dVSSXZZ_VjoZZHnpH4jwaQnijJ7364BnPnJUdDxcX1EF7tTYh89ClMyO6RkEwznSgG6xHJxRt3eQZDkir2cFSXL4cSRGnsKeqQ&sai=AMfl-YSqKD3JarnMlaFvuDHuT-mcxjyBxXq0kmiwDKohqQPl6ZsUDf0KBmThXByUKNajbqwCMGY1A3zGJgSkP0DpdvzJp7wNeCoKBp9tnXJaB8CwLJ-bwNQDW91aawET5TY&sig=Cg0ArKJSzPgkN1KhUeTKEAE&uach_m=[UACH]&adurl=
Frame ID: 16F05EA45F7FFD7A0517A5E05CCD74FA
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuX2GNv83mVt47UgwSKVxCSVWBmxNUc7Zx5TQhRTdV1bkMOZqhAwcE6ubRb4bWwdqDvUFX-vTzFYl9dsr7-RRPQNP3csh9yv061Bl3d454QJRaF_8w780_IIGQzigQ0SUq7gRlZWKYG5SbAJ6Q7trfKMmBXildLiDScerQQpG_qSUZdGRqLip0hfTI2TPp6P2X3oeZtGWD5KWjus8VJ9n3STTelG0N36Dn1KNWtJcQCFeaePJZ2SjllmHxP_LawqnlJhr-gzixHrFWNxyQiHWC045u9zDwQjBwIKj3iLxFWBbJAviK1p_UILvVRNQU_sCOXnexgdVw&sai=AMfl-YRnO8c9uitpFC0NTIB9YT_F0sSrgRA5a7BbD-VJiqYZvKEWoSGd5GzwRbxwsX8A7jv5Q1RVAgwE5L5lS8oO_zD0Qvp-lWjC9KyUaj24g1wE4hoUZZW4hTyWc9NgVHs&sig=Cg0ArKJSzFtDcBFsIeUzEAE&uach_m=[UACH]&adurl=
Frame ID: 3728A088BC30918B9F48E59A336FE45A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbYZfvdBYPC1UkpzU_mzCfp5FLLZZd7m6TsqnlyGcb_xUEJAtlBoDTPFs34cTBqsR8f7WH76HRvVNop9HJIdx0l6KkvtRZRjZgb9_-AnH9uxxvkdVL2Dp4nY2t1VVZSt9So0CajwnorOoYJlQARwo06SJR0Aqa5xAzawTqPOyhVc6ispz0oVt1ht_F1VaBPYw3CIAKAlJTeMHc4im-W1rcZVvKoSPBe5js7xgk-bRKmWqAEz23EBKw_tcCJ_8K2wCsIhPuB8v7ik6NkZ4TYTDgXAIb5a-0aY-4fMLITHmkf1mkPGrtoRNW-L_5uX80m-rRv0aSABMICjY&sai=AMfl-YSIyE6ZR9WtzlPc00spMEqVzy658B7il8zVQ7WeZ2_zj6zCuBuryGny1F93eDk78__r59bApKy5JB3d8L3UD-xzsaNjbhFnSJtLHE-6q5oZuF1I_3n1G_8lU-NrAw0&sig=Cg0ArKJSzJus4PiIG4IGEAE&uach_m=[UACH]&adurl=
Frame ID: B6F2B561C321686711E2FD5BEF6B4A40
Requests: 9 HTTP requests in this frame

Frame: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A3FD96726540EB09339373830AF7C96D
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUlpG4Tib0GGJ5Xlj79lvlubCjzRodl5dTfZKOZoVfa1Z9qo0CwakeQlB73AzS0zTGIXDCD48Mu4alrhh5bglyCuslrbghkb5viEJes4PcJ3HhrYwtv2J3ZFH7s3avfcWzg8FnRkmhdEY9Sw0hNedCe5lXDAzGAfVc0uraKosjKSVuEn-8
Frame ID: 53CCAFCCD9DC831A16289E15649E7B7E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8991D7B18C7F927BEF74DC707CDD1137
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43926000204209700710616011794002&actionid=731824&produktid=businessgiro&dt_url=
Frame ID: 73BDE1AF7B36B59F663525EC925A4328
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 48D0E4A270D96D5D9A2D783574B9C4E7
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395
Frame ID: 6BFA1E769F3A36AAB12DE001637E76CE
Requests: 2 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce
Frame ID: 182DF1855DAB9379691365A336E45B1D
Requests: 8 HTTP requests in this frame

Frame: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 27AE02F3934510B83AD86972D13DBCF9
Requests: 26 HTTP requests in this frame

Frame: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B756CB79A62BCCB85516FC46EC8EBF5E
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A1F2FC4133806C00E023C9BFF8C3E5E4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DC6B91751902C9276D9AA8A4EE8EF712
Requests: 2 HTTP requests in this frame

Frame: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D222BDDCC660DE83C5DCAE8DAAC6C9D5
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D5D88B923DC6FF44DC2472BBE38A74D
Requests: 9 HTTP requests in this frame

Frame: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F9ACB1A9D1ABB82C6DCB686C1D32764C
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5F52DDD5FD24AE6DC19F1A79A96B6942
Requests: 9 HTTP requests in this frame

Screenshot

Page Title

The Daily Blog

Page Statistics

354
Requests

94 %
HTTPS

50 %
IPv6

36
Domains

53
Subdomains

42
IPs

10
Countries

8053 kB
Transfer

16421 kB
Size

41
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://tools.applemediaservices.com/api/badges/listen-on-apple-podcasts/badge/en-US?size=250x83&releaseDate=1606352220&h=79ac0fbf02ad5db86494e28360c5d19f HTTP 301
  • https://apple-resources.s3.amazonaws.com/media-badges/listen-on-apple-podcasts/badge/en-us.svg
Request Chain 214
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1
Request Chain 226
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaZ.Wp1Fd22iraeQB251TAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1&google_hm=2
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOBWYQOn-yW3TNQA3TxWPNw&google_cver=1
Request Chain 228
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk1MTg5MzY4MDk2MzIxMjg0MQ%3D%3D
Request Chain 233
  • https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D&documentReferer=https%3A%2F%2Fthedailyblog.co.nz%2F&ancestorOrigins=https%3A%2F%2Fthedailyblog.co.nz&random=5616217258290&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D&documentReferer=https%3A%2F%2Fthedailyblog.co.nz%2F&ancestorOrigins=https%3A%2F%2Fthedailyblog.co.nz&random=5616217258290&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 235
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=43926000204209700710616011794002&t=htlp HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43926000204209700710616011794002&actionid=731824&produktid=businessgiro&dt_url=
Request Chain 238
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395
Request Chain 240
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=43926000204209700710616011794002 HTTP 301
  • https://ad-server.eu/wm/pb/native.png
Request Chain 330
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC7wqyMOBCcChicCjIIWCv19vqeVug HTTP 301
  • https://tpc.googlesyndication.com/simgad/3218002549567218547
Request Chain 335
  • https://d.agkn.com/pixel/2175/?google_gid=CAESECH8cPvClIJ7e3X3u364h28&google_cver=1&google_push=AYg5qPLirjcWh8ZXhcLP3y-OgaEfuPYKfLwhCTjTNdQAb1H7GjssQGlG7jZx-hM9NcNfYS0tBA6i9xqzlPVL9_JjPk3m3uhp9Spf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLirjcWh8ZXhcLP3y-OgaEfuPYKfLwhCTjTNdQAb1H7GjssQGlG7jZx-hM9NcNfYS0tBA6i9xqzlPVL9_JjPk3m3uhp9Spf&google_hm=Q0FFU0VDSDhjUHZDbElKN2UzWDN1MzY0aDI4
Request Chain 336
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLtIB1kKjzPfLs42kJHoO5w-y3OTNztBo6lhyNPWtMXPvx2KbMh-KfixzL7109Kva8ZhNo7bIrjMO4F6gBzX3EpWTlrmucyAQ&google_gid=CAESEEoFJaVLWUqrtBF_ZD9nkE0&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLtIB1kKjzPfLs42kJHoO5w-y3OTNztBo6lhyNPWtMXPvx2KbMh-KfixzL7109Kva8ZhNo7bIrjMO4F6gBzX3EpWTlrmucyAQ&google_gid=CAESEEoFJaVLWUqrtBF_ZD9nkE0&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMzAxOTQxMTUwMDA5MjU0MTc0MDkyOQ%3D%3D&google_push=AYg5qPLtIB1kKjzPfLs42kJHoO5w-y3OTNztBo6lhyNPWtMXPvx2KbMh-KfixzL7109Kva8ZhNo7bIrjMO4F6gBzX3EpWTlrmucyAQ
Request Chain 338
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEALJJ2ENLjcm6oIjWNCphLo&google_cver=1&google_push=AYg5qPJXgB3ZDX2rClrv_zGEixEGGdNaAxqZCTYuD-uFf3N7PFRU-PFaK-tQ-KNHXEBWvCv6oO9kvnT57ZY9mOksGYWo25P19Aul-g HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEALJJ2ENLjcm6oIjWNCphLo&google_cver=1&google_push=AYg5qPJXgB3ZDX2rClrv_zGEixEGGdNaAxqZCTYuD-uFf3N7PFRU-PFaK-tQ-KNHXEBWvCv6oO9kvnT57ZY9mOksGYWo25P19Aul-g&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJXgB3ZDX2rClrv_zGEixEGGdNaAxqZCTYuD-uFf3N7PFRU-PFaK-tQ-KNHXEBWvCv6oO9kvnT57ZY9mOksGYWo25P19Aul-g
Request Chain 339
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE6Qy1_HMQaLeglqqT5NkfA&google_cver=1&google_push=AYg5qPKdaIUcNpxNHHQBIeThvDn2DXYPps8wK4NRaTTcWR8BQvzBL84W1P_WhRTFbyV74oEoqIn5zEi6f36SSskoCgCeAXDj8kUYTA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEyU1otMUItSDlVRA==&google_push=AYg5qPKdaIUcNpxNHHQBIeThvDn2DXYPps8wK4NRaTTcWR8BQvzBL84W1P_WhRTFbyV74oEoqIn5zEi6f36SSskoCgCeAXDj8kUYTA
Request Chain 340
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1
Request Chain 361
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGayuP6X5gr_ON-40SAM8r0&google_cver=1&google_push=AYg5qPK-ZxZa46-n5Y8oPd-EtUcWNyC2c-EzqWEySeLaxLrrK9fAAr5VqnH_yh3tqrEi54GHxDRF314qXZU2c3sqP1pmqswVQAQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK-ZxZa46-n5Y8oPd-EtUcWNyC2c-EzqWEySeLaxLrrK9fAAr5VqnH_yh3tqrEi54GHxDRF314qXZU2c3sqP1pmqswVQAQ&google_hm=RA4O_LoN8ckncZND0oWWrA
Request Chain 362
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIYW2SD3TA40TKBk-khoJEwi12jWaebhQQG_iM3ecwv3AohNIkw1UKiTBqS0xb3ZNqNh4VwB9hbsd_kWx3H1EWMpsy1El8&google_gid=CAESEJO_OpfbLyNYNN6wkvtO4vg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFaQFhBQUFCWVRVbUZlaw&google_push=AYg5qPIYW2SD3TA40TKBk-khoJEwi12jWaebhQQG_iM3ecwv3AohNIkw1UKiTBqS0xb3ZNqNh4VwB9hbsd_kWx3H1EWMpsy1El8
Request Chain 364
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPw9h6nx9Aa0RaY_YtUSj3M&google_cver=1&google_push=AYg5qPIHSHBlk69GL7ClxBedeNZEaw_LbZR330qpkFDs0ZkdUWs-iZXN_DpZqOBXWq0VV-tquKqFNrtSkQvH1ivwd3iJ7UC04w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIHSHBlk69GL7ClxBedeNZEaw_LbZR330qpkFDs0ZkdUWs-iZXN_DpZqOBXWq0VV-tquKqFNrtSkQvH1ivwd3iJ7UC04w
Request Chain 365
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIa6pI3soUWQoWTJXu8xNIE&google_cver=1&google_push=AYg5qPLDZEhaaPXLQ6-hGu7X5LxlJS-234qLU5o01sI437U6qkLGELzw_G1bSYdvxjNbJgEqnF3nHqFnaR-PjQtxiCH6eEzU2D0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEzNkUtMVotNlJQSA==&google_push=AYg5qPLDZEhaaPXLQ6-hGu7X5LxlJS-234qLU5o01sI437U6qkLGELzw_G1bSYdvxjNbJgEqnF3nHqFnaR-PjQtxiCH6eEzU2D0
Request Chain 366
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_cver=1&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE

354 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
thedailyblog.co.nz/
275 KB
34 KB
Document
General
Full URL
https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
81e5f11f8a2a8947ccb6cb8693b42f6d2acbeea99c44ae4b45917956b5ad7053

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 30 Nov 2021 19:41:10 GMT
content-type
text/html; charset=UTF-8
content-length
34497
last-modified
Tue, 30 Nov 2021 19:26:19 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=0, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Mon, 29 Oct 1923 20:30:00 GMT
x-powered-by
PleskLin
style.min.css
thedailyblog.co.nz/wp-includes/css/dist/block-library/
79 KB
10 KB
Stylesheet
General
Full URL
https://thedailyblog.co.nz/wp-includes/css/dist/block-library/style.min.css?ver=d860d08fab8817159afd19afefb90d35
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:10 GMT
content-encoding
br
etag
W/"60fa65b2-13abe"
last-modified
Fri, 23 Jul 2021 06:46:10 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
style.css
thedailyblog.co.nz/wp-content/plugins/wordpress-social-login/assets/css/
268 B
276 B
Stylesheet
General
Full URL
https://thedailyblog.co.nz/wp-content/plugins/wordpress-social-login/assets/css/style.css?ver=d860d08fab8817159afd19afefb90d35
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
ddca68622fef19ca9794aecf8a9b9566a3838d5892a5138bf5f0e1a3d56b5c92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:10 GMT
content-encoding
br
etag
W/"5f739d0f-10c"
last-modified
Tue, 29 Sep 2020 20:46:07 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
frontend.css
thedailyblog.co.nz/wp-content/plugins/wp-math-captcha/css/
277 B
265 B
Stylesheet
General
Full URL
https://thedailyblog.co.nz/wp-content/plugins/wp-math-captcha/css/frontend.css?ver=d860d08fab8817159afd19afefb90d35
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
b67941a710bc007120fa919bf7feebe922b2e8835ff033cb4ae578745eef93eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:10 GMT
content-encoding
br
etag
W/"5ba4848b-115"
last-modified
Fri, 21 Sep 2018 05:41:31 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
style.css
thedailyblog.co.nz/wp-content/plugins/td-composer/td-multi-purpose/
70 KB
9 KB
Stylesheet
General
Full URL
https://thedailyblog.co.nz/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=61179afdbbd6a8d8c8a7f82ae3fcd87d
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
b8d672580b2905758e845bc540e20fa872e990610e21f2f60408a8bfae76abcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:10 GMT
content-encoding
br
etag
W/"61284f37-11855"
last-modified
Fri, 27 Aug 2021 02:34:31 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
css
fonts.googleapis.com/
29 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.7.3
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0d63bf5491efdf119ff9c1fccdb8361c8d05b3ae2add05305ce5a3668ac49a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 18:21:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 30 Nov 2021 19:41:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Nov 2021 19:41:10 GMT
style.css
thedailyblog.co.nz/wp-content/themes/Newspaper/
177 KB
26 KB
Stylesheet
General
Full URL
https://thedailyblog.co.nz/wp-content/themes/Newspaper/style.css?ver=9.7.3
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
b5b703eeaf5065d45ab4bf9f4a256e2ebf791e0d4d6a82da4e7367cbe03ef30f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:10 GMT
content-encoding
br
etag
W/"61284f03-2c482"
last-modified
Fri, 27 Aug 2021 02:33:39 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
td_legacy_main.css
thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/
984 KB
81 KB
Stylesheet
General
Full URL
https://thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=61179afdbbd6a8d8c8a7f82ae3fcd87d
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
d39565761da81a7a99fd66a537eeb7250c9bf5fe52529be9a6a91e67ad1ad46d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:10 GMT
content-encoding
br
etag
W/"61284f37-f5ece"
last-modified
Fri, 27 Aug 2021 02:34:31 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
tdb_less_front.css
thedailyblog.co.nz/wp-content/plugins/td-cloud-library/assets/css/
101 KB
11 KB
Stylesheet
General
Full URL
https://thedailyblog.co.nz/wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.css?ver=d158fac1e2f85794ec26781eb2a38fd9
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
a8acd6db992817ef0230b22e01b4772a59ef1e151112cbb039ad79a8d9260565

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:10 GMT
content-encoding
br
etag
W/"61284f5a-193e6"
last-modified
Fri, 27 Aug 2021 02:35:06 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
jquery.min.js
thedailyblog.co.nz/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://thedailyblog.co.nz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:10 GMT
content-encoding
br
etag
W/"60fa65b2-15db1"
last-modified
Fri, 23 Jul 2021 06:46:10 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
jquery-migrate.min.js
thedailyblog.co.nz/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://thedailyblog.co.nz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:10 GMT
content-encoding
br
etag
W/"5fd05a97-2bd8"
last-modified
Wed, 09 Dec 2020 05:03:19 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
jquery.colorbox.js
thedailyblog.co.nz/wp-content/plugins/wp-ajax-edit-comments/js/
28 KB
8 KB
Script
General
Full URL
https://thedailyblog.co.nz/wp-content/plugins/wp-ajax-edit-comments/js/jquery.colorbox.js?ver=6.1
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
c5a310590b84ddb8c45b12b32267c95961a7fc4f7bbd13828113d00abfdd24b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:10 GMT
content-encoding
br
etag
W/"5e6428ed-71f1"
last-modified
Sat, 07 Mar 2020 23:06:21 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-41539225-10
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56e804210fd89a6c96bd70419ae26b19bed0629a143bb9b8f3aeffc28a4050ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36136
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Nov 2021 19:41:11 GMT
wp-emoji-release.min.js
thedailyblog.co.nz/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://thedailyblog.co.nz/wp-includes/js/wp-emoji-release.min.js?ver=d860d08fab8817159afd19afefb90d35
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
br
etag
W/"60fa65b2-4705"
last-modified
Fri, 23 Jul 2021 06:46:10 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
gpt.js
securepubads.g.doubleclick.net/tag/js/
77 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
545c4f635d9b7adc66a5d435227d5982d2cf1722cd19be7652d7d35da7f9298b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1060 / 478 of 1000 / last-modified: 1638289429"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26853
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Nov 2021 19:41:11 GMT
The-Daily-Blog-Logo-May-1-cdn.png
thedailyblog.co.nz/wp-content/uploads/2019/07/
31 KB
31 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2019/07/The-Daily-Blog-Logo-May-1-cdn.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
0d53e53662547ba7d7a2b5b82a2546ed1836fd30c1234f949d52218e31337859

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
last-modified
Thu, 18 Jul 2019 05:28:57 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d300399-7b23"
content-type
image/png
accept-ranges
bytes
content-length
31523
Screen-Shot-2021-11-30-at-9.36.14-AM-324x160.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
101 KB
101 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-30-at-9.36.14-AM-324x160.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
b56eecd25900ad77097a6c08f96c9ef7826cde9d8fbd64b5a5067f4bb2be0fe2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Mon, 29 Nov 2021 20:37:21 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a53a01-19325"
content-type
image/png
accept-ranges
bytes
content-length
103205
Screen-Shot-2021-11-30-at-6.39.57-AM-324x160.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
70 KB
70 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-30-at-6.39.57-AM-324x160.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
01fa6d2ca5c5a9c10141c53387fbb2f0a72c0e77cceea23edac17c300314863f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Mon, 29 Nov 2021 17:45:25 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a511b5-1179a"
content-type
image/png
accept-ranges
bytes
content-length
71578
Screen-Shot-2021-11-30-at-6.33.31-AM-324x160.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
57 KB
57 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-30-at-6.33.31-AM-324x160.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
58a0a3b8704ec1e1d8f37d3148cde822c6e7b3e7f38feb38dc196ebf34e5c2de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Mon, 29 Nov 2021 17:34:07 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a50f0f-e517"
content-type
image/png
accept-ranges
bytes
content-length
58647
EPzXeeDXUAAX1li-1-1-324x160.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/
11 KB
12 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/EPzXeeDXUAAX1li-1-1-324x160.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
babc40630140b5468e7d2f5ebe92b26f409e9b52d79a8ae0d176f58f2de9f5c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Mon, 29 Nov 2021 17:32:26 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a50eaa-2d85"
content-type
image/jpeg
accept-ranges
bytes
content-length
11653
2902443145_9da4e9770e_c-324x160.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/
6 KB
6 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/2902443145_9da4e9770e_c-324x160.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
87d4eaf643585cc24cd1c85fa47a4ebdbd1afb6feba82d87a7ccb248432952be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sun, 28 Nov 2021 01:09:49 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a2d6dd-18dd"
content-type
image/jpeg
accept-ranges
bytes
content-length
6365
Screen-Shot-2021-11-28-at-4.01.15-PM-324x160.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
31 KB
31 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-28-at-4.01.15-PM-324x160.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
eef15e0f5b63223c06167149d13e65daa91155531c57c7672a2d60949031c87b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sun, 28 Nov 2021 03:01:37 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a2f111-7b41"
content-type
image/png
accept-ranges
bytes
content-length
31553
Screen-Shot-2021-11-30-at-6.33.31-AM-324x235.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
80 KB
80 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-30-at-6.33.31-AM-324x235.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
aa1cab67f2ce2f4fed626d0c140bae547db6dd55802e480438fd635ed7b1b5aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Mon, 29 Nov 2021 17:34:08 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a50f10-13f82"
content-type
image/png
accept-ranges
bytes
content-length
81794
skynews-omicron-variant-charlotte-lomas_5598175-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/
2 KB
3 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/skynews-omicron-variant-charlotte-lomas_5598175-100x70.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
93ca0c9eb6a8c20f5c4c91c7791891bfbdb74199ecf15e352dfee1b300b37072

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sun, 28 Nov 2021 16:18:27 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a3abd3-9db"
content-type
image/jpeg
accept-ranges
bytes
content-length
2523
2902443145_9da4e9770e_c-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/
2 KB
2 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/2902443145_9da4e9770e_c-100x70.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
cf5185f75e3a887c7f312005d9d59a29893e6f964d8a351bd9d2c5ec0d983d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sun, 28 Nov 2021 01:09:49 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a2d6dd-834"
content-type
image/jpeg
accept-ranges
bytes
content-length
2100
Screen-Shot-2021-11-28-at-4.01.15-PM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
6 KB
7 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-28-at-4.01.15-PM-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
5b278d4956a05c098c4470ebc4e8eef09f6cc0603aec285b99f2390a549fcb53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sun, 28 Nov 2021 03:01:37 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a2f111-19f6"
content-type
image/png
accept-ranges
bytes
content-length
6646
unnamed-1-1-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/
3 KB
3 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/unnamed-1-1-100x70.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
705ab96fffcb6271b575e41f5a56f29302e9062742c472755b5ff67d4560bc3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sat, 27 Nov 2021 17:22:19 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a2694b-b3d"
content-type
image/jpeg
accept-ranges
bytes
content-length
2877
Screen-Shot-2021-11-28-at-6.19.08-AM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
17 KB
17 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-28-at-6.19.08-AM-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
0913125a85710095ce4e31d77f2a9a9917e2a7a9f3cf2575f74308b14c22b579

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sat, 27 Nov 2021 18:24:23 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a277d7-4386"
content-type
image/png
accept-ranges
bytes
content-length
17286
Screen-Shot-2021-11-30-at-9.36.14-AM-324x235.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
141 KB
141 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-30-at-9.36.14-AM-324x235.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
ed6c2370e3d2a5e1a2ec2da2964b71b9f4ad159d5688cf3851958ac56278206f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Mon, 29 Nov 2021 20:37:21 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a53a01-232bf"
content-type
image/png
accept-ranges
bytes
content-length
144063
Screen-Shot-2021-11-25-at-5.52.23-PM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
12 KB
12 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-25-at-5.52.23-PM-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
452a41553aeea0a8b6a20a9610abbb8d1d3e1f57e77737b45defb8b43865a8e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Thu, 25 Nov 2021 04:52:47 GMT
server
nginx
x-powered-by
PleskLin
etag
"619f169f-3128"
content-type
image/png
accept-ranges
bytes
content-length
12584
unnamed-1-1-1-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/
2 KB
2 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/unnamed-1-1-1-100x70.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
342ef537e7c4b83126b6c082466ec18d3fb17c994e6079a537f7ebd3fc2ba1ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sat, 27 Nov 2021 18:06:47 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a273b7-74a"
content-type
image/jpeg
accept-ranges
bytes
content-length
1866
3b4e35f475e8076af3ffb98d50dad7a7-1-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/10/
3 KB
3 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/10/3b4e35f475e8076af3ffb98d50dad7a7-1-100x70.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
1f1dad5118af2904b6baebf68ca6812accaa29e6e6991545c0c85952993b7955

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Wed, 20 Oct 2021 20:34:32 GMT
server
nginx
x-powered-by
PleskLin
etag
"61707d58-aed"
content-type
image/jpeg
accept-ranges
bytes
content-length
2797
2902443145_9da4e9770e_c-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/10/
2 KB
2 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/10/2902443145_9da4e9770e_c-100x70.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
cf5185f75e3a887c7f312005d9d59a29893e6f964d8a351bd9d2c5ec0d983d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Mon, 18 Oct 2021 18:19:29 GMT
server
nginx
x-powered-by
PleskLin
etag
"616dbab1-834"
content-type
image/jpeg
accept-ranges
bytes
content-length
2100
Screen-Shot-2021-11-27-at-5.45.59-AM-324x235.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
97 KB
97 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-27-at-5.45.59-AM-324x235.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
41c1c14d4949e2fe0d0f378f46800961b24b9a7cd8f515fd67727af809006245

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Fri, 26 Nov 2021 16:46:22 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a10f5e-18281"
content-type
image/png
accept-ranges
bytes
content-length
98945
Nobel-awards-680wide-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
12 KB
12 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Nobel-awards-680wide-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
17fb87c96fb0c8607ca806340880caf12c3f64ef820aa46ad83f442c58bd8ae5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Fri, 26 Nov 2021 12:17:53 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a0d071-2ee6"
content-type
image/png
accept-ranges
bytes
content-length
12006
1626759855963-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/
3 KB
3 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/1626759855963-100x70.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
110e64beb89f1827af4da07190ed859bb6ffd5d090cd43879c9bdc96cf678508

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Tue, 23 Nov 2021 18:00:31 GMT
server
nginx
x-powered-by
PleskLin
etag
"619d2c3f-b30"
content-type
image/jpeg
accept-ranges
bytes
content-length
2864
Screen-Shot-2021-11-21-at-9.03.51-AM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
13 KB
13 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-21-at-9.03.51-AM-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
45f42a9e2401a2f382dd98f2bb8b0ad3a8f108b48cea1583c234374f819e4ecd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sat, 20 Nov 2021 20:04:22 GMT
server
nginx
x-powered-by
PleskLin
etag
"619954c6-32d5"
content-type
image/png
accept-ranges
bytes
content-length
13013
Screen-Shot-2021-11-21-at-8.20.37-AM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
14 KB
14 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-21-at-8.20.37-AM-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
15f408dbe95ea982498c273a0f8b5bb62663e63d05003b0b0a3cf3b921cd3656

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sat, 20 Nov 2021 19:20:55 GMT
server
nginx
x-powered-by
PleskLin
etag
"61994a97-36a5"
content-type
image/png
accept-ranges
bytes
content-length
13989
Screen-Shot-2021-11-21-at-7.44.37-AM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
15 KB
15 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-21-at-7.44.37-AM-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
c61a9f345c53f349e9cd65bdb793219f3313f6123e4a853d8816cb21c748974c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sat, 20 Nov 2021 18:51:25 GMT
server
nginx
x-powered-by
PleskLin
etag
"619943ad-3c31"
content-type
image/png
accept-ranges
bytes
content-length
15409
EPzXeeDXUAAX1li-1-1-324x235.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/
16 KB
16 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/EPzXeeDXUAAX1li-1-1-324x235.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
58abc50280b1ab8b51dbfba47cc6f29716891240da58dc367c4df680af13b8c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Mon, 29 Nov 2021 17:32:26 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a50eaa-3f7b"
content-type
image/jpeg
accept-ranges
bytes
content-length
16251
Screen-Shot-2021-10-10-at-12.12.28-PM-1536x1185-1-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
15 KB
15 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-10-10-at-12.12.28-PM-1536x1185-1-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
f11e712f5ba6206d7a0d18f722e4432541c83f305a4487df0221c177a77d82cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Thu, 11 Nov 2021 00:36:35 GMT
server
nginx
x-powered-by
PleskLin
etag
"618c6593-3bab"
content-type
image/png
accept-ranges
bytes
content-length
15275
1625169872233-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/
4 KB
4 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/1625169872233-100x70.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
112cd63fd5ea29884b8bfb783298e9b62dfbb6957f72f6c314c319be19da7fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Wed, 24 Nov 2021 06:12:58 GMT
server
nginx
x-powered-by
PleskLin
etag
"619dd7ea-1106"
content-type
image/jpeg
accept-ranges
bytes
content-length
4358
Screen-Shot-2021-11-24-at-5.52.43-PM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
14 KB
14 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-24-at-5.52.43-PM-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
b326ea6de03ce4cf0e65d5f84d46bd3061e061f68b56b53189fa18b2f0bd6a2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Wed, 24 Nov 2021 04:55:34 GMT
server
nginx
x-powered-by
PleskLin
etag
"619dc5c6-3655"
content-type
image/png
accept-ranges
bytes
content-length
13909
Screen-Shot-2021-05-09-at-6.44.05-AM-1-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/07/
6 KB
7 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/07/Screen-Shot-2021-05-09-at-6.44.05-AM-1-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
2f9026bfd34af089ef174d86c7c4d3a7ca9162b22216b544e518d462e5f60e90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Thu, 01 Jul 2021 18:19:16 GMT
server
nginx
x-powered-by
PleskLin
etag
"60de0724-19cf"
content-type
image/png
accept-ranges
bytes
content-length
6607
1502244531487-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/
2 KB
2 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/1502244531487-100x70.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
a2f4e82889c321379d880ffccb70876e454cf53351ff4777a9905a37b12a9b98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Tue, 16 Nov 2021 17:03:05 GMT
server
nginx
x-powered-by
PleskLin
etag
"6193e449-703"
content-type
image/jpeg
accept-ranges
bytes
content-length
1795
Screen-Shot-2021-11-30-at-6.39.57-AM-324x235.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
102 KB
102 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-30-at-6.39.57-AM-324x235.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
df9cf65cf8eeda243962715c134e21678d4c1ac8e5a90d96dd003b8352d57727

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Mon, 29 Nov 2021 17:45:25 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a511b5-19882"
content-type
image/png
accept-ranges
bytes
content-length
104578
unnamed-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
6 KB
6 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/unnamed-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
7d6e6199c851602282d6bec87bf88a1f9a4aea35aa228937da59f520e354d705

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sat, 27 Nov 2021 19:10:49 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a282b9-1898"
content-type
image/png
accept-ranges
bytes
content-length
6296
Screen-Shot-2021-11-03-at-10.10.36-AM-1-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
15 KB
15 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-03-at-10.10.36-AM-1-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
21837485e10c6b663c4eec4b3bc5d9a2276632ba28d60feff08eb2fd0e66c5f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Fri, 19 Nov 2021 02:29:36 GMT
server
nginx
x-powered-by
PleskLin
etag
"61970c10-3b2c"
content-type
image/png
accept-ranges
bytes
content-length
15148
Screen-Shot-2021-11-04-at-1.47.59-PM-1-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
8 KB
8 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-04-at-1.47.59-PM-1-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
38aea16b938dcd7510429cb96ea3e845f2451485538bc9dd9d40929dfb9fafcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Thu, 25 Nov 2021 03:39:39 GMT
server
nginx
x-powered-by
PleskLin
etag
"619f057b-1e50"
content-type
image/png
accept-ranges
bytes
content-length
7760
cover-1-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
11 KB
11 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/cover-1-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
6ca1978797374f9bfac40e1129dea601e2efb1ed6c28c608528bcc84505b1071

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Tue, 23 Nov 2021 19:30:54 GMT
server
nginx
x-powered-by
PleskLin
etag
"619d416e-2cbb"
content-type
image/png
accept-ranges
bytes
content-length
11451
Screen-Shot-2021-12-01-at-7.28.33-AM-324x235.png
thedailyblog.co.nz/wp-content/uploads/2021/12/
134 KB
134 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/12/Screen-Shot-2021-12-01-at-7.28.33-AM-324x235.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
3026fe5d8b3c29b1505450207f48e80cb4b358cf0c9d8b42d691c9d7c2134454

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Tue, 30 Nov 2021 18:59:32 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a67494-2160c"
content-type
image/png
accept-ranges
bytes
content-length
136716
Screen-Shot-2017-07-22-at-8.23.41-AM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
6 KB
6 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2017-07-22-at-8.23.41-AM-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
28d1a6730ff05f9e14ba04cfa7e6cdb813e2fac5b1200a301bf03341428852a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Thu, 25 Nov 2021 17:19:16 GMT
server
nginx
x-powered-by
PleskLin
etag
"619fc594-164b"
content-type
image/png
accept-ranges
bytes
content-length
5707
Screen-Shot-2021-11-30-at-9.36.14-AM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
16 KB
17 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-30-at-9.36.14-AM-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
b40f986a9ddb9cc58ee58d4132eb20e89b1cc160f6ad4747a1d9a14af9047edf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Mon, 29 Nov 2021 20:37:21 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a53a01-41d9"
content-type
image/png
accept-ranges
bytes
content-length
16857
image-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/
2 KB
2 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/image-100x70.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
08f9cfe799c314f157fe6a88446be906373859e57a66ece7e866582e129622f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sun, 28 Nov 2021 20:47:04 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a3eac8-912"
content-type
image/jpeg
accept-ranges
bytes
content-length
2322
1200-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/
3 KB
3 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/1200-100x70.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
c31d2b1c4652ec5a7c8e5c412fffe63773e5542ae9849ea5bbfe9c9dc597382d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sun, 28 Nov 2021 15:58:25 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a3a721-a67"
content-type
image/jpeg
accept-ranges
bytes
content-length
2663
Unknown-1-4.jpeg
thedailyblog.co.nz/wp-content/uploads/2021/11/
8 KB
8 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Unknown-1-4.jpeg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
4e5da5ddf83a42ab5f30c5f474011805d1f84f859a10ddc6b5478556a33c4c81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Mon, 29 Nov 2021 17:20:27 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a50bdb-1f58"
content-type
image/jpeg
accept-ranges
bytes
content-length
8024
Unknown-8-100x70.jpeg
thedailyblog.co.nz/wp-content/uploads/2021/11/
3 KB
3 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Unknown-8-100x70.jpeg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
e20e81b00213976f21f87de80297a2047f24eb9c7702a74f17cb0d32d7931504

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Mon, 29 Nov 2021 17:09:38 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a50952-cbc"
content-type
image/jpeg
accept-ranges
bytes
content-length
3260
Screen-Shot-2021-11-08-at-4.52.25-AM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
18 KB
18 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-08-at-4.52.25-AM-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
03966f855eacb7ab58e5d814869ce127bc956a6d8c96d8adaeb7182a75e5e7e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sun, 07 Nov 2021 15:52:43 GMT
server
nginx
x-powered-by
PleskLin
etag
"6187f64b-4714"
content-type
image/png
accept-ranges
bytes
content-length
18196
Screen-Shot-2021-11-29-at-3.33.38-PM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
14 KB
14 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-29-at-3.33.38-PM-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
74774e29f34f591648d77455e2f2aa70bcc72eb4ecef7d06e76bc155989f86f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Mon, 29 Nov 2021 02:34:02 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a43c1a-3892"
content-type
image/png
accept-ranges
bytes
content-length
14482
Unknown-13-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
3 KB
3 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Unknown-13-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
6b471e3e0fe243d81bde212bfa10b56236464e52c9c84864b32fc392ff8c2290

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sun, 28 Nov 2021 16:22:31 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a3acc7-c23"
content-type
image/png
accept-ranges
bytes
content-length
3107
Unknown-5-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
2 KB
3 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Unknown-5-100x70.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
ed783dc04a12297851b6cb79308338d982d19de35aaa3de92766ef8a57f33cae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sun, 07 Nov 2021 16:14:37 GMT
server
nginx
x-powered-by
PleskLin
etag
"6187fb6d-9e0"
content-type
image/png
accept-ranges
bytes
content-length
2528
gpt.js
www.googletagservices.com/tag/js/
77 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
545c4f635d9b7adc66a5d435227d5982d2cf1722cd19be7652d7d35da7f9298b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1060 / 802 of 1000 / last-modified: 1638289429"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26853
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Nov 2021 19:41:11 GMT
en-us.svg
apple-resources.s3.amazonaws.com/media-badges/listen-on-apple-podcasts/badge/
Redirect Chain
  • https://tools.applemediaservices.com/api/badges/listen-on-apple-podcasts/badge/en-US?size=250x83&releaseDate=1606352220&h=79ac0fbf02ad5db86494e28360c5d19f
  • https://apple-resources.s3.amazonaws.com/media-badges/listen-on-apple-podcasts/badge/en-us.svg
15 KB
15 KB
Image
General
Full URL
https://apple-resources.s3.amazonaws.com/media-badges/listen-on-apple-podcasts/badge/en-us.svg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
HTTP/1.1
Server
52.216.101.139 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
aca2df4cadce191ac1a3971f0992dacdfe74bd91fac4be65bf44f50501fd090e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 19:41:13 GMT
Last-Modified
Wed, 25 Sep 2019 20:57:40 GMT
Server
AmazonS3
x-amz-request-id
7M9NYGQEM4Z7A6Q9
ETag
"73e9586637bc3c66a109a02ff0e941cc"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
15299
x-amz-id-2
EynQ/KrQ0wTCpZUMhAiUBzJn5k65LmMD3Gir647fDm4DjUUePFajQO+4NkGUyZuO1BxFGS+qkEA=

Redirect headers

x-runtime
0.004595
date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
location
https://apple-resources.s3.amazonaws.com/media-badges/listen-on-apple-podcasts/badge/en-us.svg
x-xss-protection
1; mode=block
cache-control
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-request-id
58f4d377-097a-454e-a97d-c225d47bcb53
spotify-podcast-badge-blk-grn-330x80-1.png
eveningreport.nz/wp-content/uploads/2020/12/
8 KB
8 KB
Image
General
Full URL
https://eveningreport.nz/wp-content/uploads/2020/12/spotify-podcast-badge-blk-grn-330x80-1.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
a28365cd282903fb5fffd8bad185af709326623d32def1f3613f594cb05083d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:13 GMT
last-modified
Sun, 13 Dec 2020 04:52:13 GMT
server
nginx
x-powered-by
PleskLin
etag
"5fd59dfd-215a"
content-type
image/png
accept-ranges
bytes
content-length
8538
default.jpg
img.youtube.com/vi/cvga01tHYRc/
3 KB
4 KB
Image
General
Full URL
https://img.youtube.com/vi/cvga01tHYRc/default.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0637f3a500b413b8352bc0e576e8de4150daf55a6d99a744f4e1eebd42ad605f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options
nosniff
age
0
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3510
x-xss-protection
0
server
sffe
etag
"1629952402"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Nov 2021 21:41:11 GMT
default.jpg
img.youtube.com/vi/GOWAxGVoND0/
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/GOWAxGVoND0/default.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad10bbf847525ba6a67fb1e619a42cd49e5b3aef41c6b3aae291fb7530b04d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3035
x-xss-protection
0
server
sffe
etag
"1629343707"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Nov 2021 21:41:11 GMT
default.jpg
img.youtube.com/vi/Xck7qIB33Mc/
3 KB
4 KB
Image
General
Full URL
https://img.youtube.com/vi/Xck7qIB33Mc/default.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4e702a8b29fb467c446adbc495051fafd5446f9782ecc630e25ac15a9abee66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3564
x-xss-protection
0
server
sffe
etag
"1628745647"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Nov 2021 21:41:11 GMT
default.jpg
img.youtube.com/vi/f5OQ08tCjgQ/
3 KB
3 KB
Image
General
Full URL
https://img.youtube.com/vi/f5OQ08tCjgQ/default.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad1e34304ab814ab8d6f79ed77db2ec72d8a445efe2cbace2dbef7065512151c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3107
x-xss-protection
0
server
sffe
etag
"1601418711"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Nov 2021 21:41:11 GMT
default.jpg
img.youtube.com/vi/FGjGtXKN2Ik/
4 KB
4 KB
Image
General
Full URL
https://img.youtube.com/vi/FGjGtXKN2Ik/default.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
162391f51ebd58aebb4215fe9c90db931c4514f37004742c29f1421edb42f71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3889
x-xss-protection
0
server
sffe
etag
"1567400689"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Nov 2021 21:41:11 GMT
default.jpg
img.youtube.com/vi/ayReNeRg8WY/
5 KB
5 KB
Image
General
Full URL
https://img.youtube.com/vi/ayReNeRg8WY/default.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f3d6f4f8120e43546823b135b11f38d90777f826669db7a4a4965e0fe51138e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4896
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Nov 2021 21:41:11 GMT
default.jpg
img.youtube.com/vi/Cr5-gk-8TKU/
5 KB
5 KB
Image
General
Full URL
https://img.youtube.com/vi/Cr5-gk-8TKU/default.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef841e92bcd2666d84e1f14b07e8b04e1040b82b4442edc2a2650769294ca0de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4788
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Nov 2021 21:41:11 GMT
default.jpg
img.youtube.com/vi/Zl8MOAPZCVs/
5 KB
5 KB
Image
General
Full URL
https://img.youtube.com/vi/Zl8MOAPZCVs/default.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f95df4a5e754f8d84e603841febc8b7b8cb5a0ae14a7440ef20d5dc804c840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4893
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Nov 2021 21:41:11 GMT
1558241354977-218x150.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/
7 KB
8 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/1558241354977-218x150.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
71b955427b418dd287d9fdeff8a28c0533181c79f0275d821c6056c98e1a90b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Wed, 24 Nov 2021 15:39:12 GMT
server
nginx
x-powered-by
PleskLin
etag
"619e5ca0-1dc3"
content-type
image/jpeg
accept-ranges
bytes
content-length
7619
Screen-Shot-2021-11-18-at-5.40.06-AM-218x150.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
57 KB
57 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-18-at-5.40.06-AM-218x150.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
0746e2ef32ef6d5f9cad7e09128c601ac30419895f90a55ad774f50726eafa29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Wed, 17 Nov 2021 16:40:37 GMT
server
nginx
x-powered-by
PleskLin
etag
"61953085-e4a1"
content-type
image/png
accept-ranges
bytes
content-length
58529
Screen-Shot-2021-11-23-at-5.51.23-PM-218x150.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
69 KB
69 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-23-at-5.51.23-PM-218x150.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
f2d6800181f55473a31864c278c85c544d8e7b0c07fd00206f82ebbce177d6e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Tue, 23 Nov 2021 04:51:47 GMT
server
nginx
x-powered-by
PleskLin
etag
"619c7363-11350"
content-type
image/png
accept-ranges
bytes
content-length
70480
unnamed-1-1-1-218x150.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/
5 KB
5 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/unnamed-1-1-1-218x150.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
96c07c7efb7f667f57918d51a6eecbe397fffb0bfdd1b7c1dd6a6d9de4280ba9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sat, 27 Nov 2021 18:06:47 GMT
server
nginx
x-powered-by
PleskLin
etag
"61a273b7-142c"
content-type
image/jpeg
accept-ranges
bytes
content-length
5164
Screen-Shot-2021-07-18-at-6.56.17-AM-218x150.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
67 KB
67 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-07-18-at-6.56.17-AM-218x150.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
6a928910f082e0c86d86100dca7cd9e10cd517eb1ebd2fc54bde6c64e56b6d93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Tue, 09 Nov 2021 02:12:19 GMT
server
nginx
x-powered-by
PleskLin
etag
"6189d903-10aae"
content-type
image/png
accept-ranges
bytes
content-length
68270
141003-Moss-christ-real-tease_v3hlhq-218x150.jpeg
thedailyblog.co.nz/wp-content/uploads/2021/11/
8 KB
8 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/141003-Moss-christ-real-tease_v3hlhq-218x150.jpeg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
1191e5ba707655a4efca2e0939a4557c33d74e8a009135fba789878bd2244cbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Mon, 22 Nov 2021 18:13:06 GMT
server
nginx
x-powered-by
PleskLin
etag
"619bddb2-1f7d"
content-type
image/jpeg
accept-ranges
bytes
content-length
8061
Screen-Shot-2021-11-12-at-6.19.10-AM-218x150.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
77 KB
77 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-12-at-6.19.10-AM-218x150.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
d4852779df5e8c22392d7581b7ebb1fa5d1933ddbd04cc30da0fd4caf9862577

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Thu, 11 Nov 2021 17:19:43 GMT
server
nginx
x-powered-by
PleskLin
etag
"618d50af-13435"
content-type
image/png
accept-ranges
bytes
content-length
78901
unnamed-1-218x150.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/
11 KB
11 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/unnamed-1-218x150.jpg
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
d1edac4e8b9235b20c47addd67ecf8d14815edc475cc1761be60d06c82efda94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Thu, 25 Nov 2021 18:39:38 GMT
server
nginx
x-powered-by
PleskLin
etag
"619fd86a-2cfc"
content-type
image/jpeg
accept-ranges
bytes
content-length
11516
Screen-Shot-2021-11-19-at-5.10.27-AM-218x150.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
64 KB
64 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-19-at-5.10.27-AM-218x150.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
8f6f1c01204988c94493b7611c3dfb5ca706efc0a0a2b20e75bb3a189bc54881

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Thu, 18 Nov 2021 16:11:05 GMT
server
nginx
x-powered-by
PleskLin
etag
"61967b19-ff6d"
content-type
image/png
accept-ranges
bytes
content-length
65389
a97b122e34_photo.jpg-324x235.png
thedailyblog.co.nz/wp-content/uploads/2019/11/
45 KB
46 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2019/11/a97b122e34_photo.jpg-324x235.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
80a9c29d12d183d279ae773c6552e674ed68a456b380476d13c47ee4eee8cc66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Tue, 05 Nov 2019 04:35:13 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dc0fc01-b5ba"
content-type
image/png
accept-ranges
bytes
content-length
46522
underscore.min.js
thedailyblog.co.nz/wp-includes/js/
19 KB
7 KB
Script
General
Full URL
https://thedailyblog.co.nz/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
br
etag
W/"60fa65b2-4a84"
last-modified
Fri, 23 Jul 2021 06:46:10 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
js_posts_autoload.min.js
thedailyblog.co.nz/wp-content/plugins/td-cloud-library/assets/js/
5 KB
2 KB
Script
General
Full URL
https://thedailyblog.co.nz/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=d158fac1e2f85794ec26781eb2a38fd9
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
7dadf41d55487432b3b4f5db5e8ed8a757ad7d295b1570567d2d2fc6929bd24f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
br
etag
W/"61284f5a-13c4"
last-modified
Fri, 27 Aug 2021 02:35:06 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
tagdiv_theme.min.js
thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/js/
222 KB
49 KB
Script
General
Full URL
https://thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=9.7.3
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
bfc68292dce3d30b4560f474533c284e190e30ab44adfec151584e409814b52c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
br
etag
W/"61284f37-379bd"
last-modified
Fri, 27 Aug 2021 02:34:31 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
comment-reply.min.js
thedailyblog.co.nz/wp-includes/js/
3 KB
1 KB
Script
General
Full URL
https://thedailyblog.co.nz/wp-includes/js/comment-reply.min.js?ver=d860d08fab8817159afd19afefb90d35
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
br
etag
W/"607887e9-ba8"
last-modified
Thu, 15 Apr 2021 18:37:29 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
js_files_for_front.min.js
thedailyblog.co.nz/wp-content/plugins/td-cloud-library/assets/js/
12 KB
3 KB
Script
General
Full URL
https://thedailyblog.co.nz/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=d158fac1e2f85794ec26781eb2a38fd9
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
374fefdcddee55c37ce66bdc2f94c29d95089daf20eafd8a12c6e1e36eba4f4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
br
etag
W/"61284f5a-2fe8"
last-modified
Fri, 27 Aug 2021 02:35:06 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
jquery.atd.textarea.js
thedailyblog.co.nz/wp-content/plugins/wp-ajax-edit-comments/js/
27 KB
7 KB
Script
General
Full URL
https://thedailyblog.co.nz/wp-content/plugins/wp-ajax-edit-comments/js/jquery.atd.textarea.js?ver=6.1
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
59eea5789a6787902ce1ec6a71b34f32808d75f6a0be489cd4f5910d7bed804b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
br
etag
W/"5e6428ed-6bd5"
last-modified
Sat, 07 Mar 2020 23:06:21 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
frontend.js
thedailyblog.co.nz/wp-content/plugins/wp-ajax-edit-comments/js/
1 KB
658 B
Script
General
Full URL
https://thedailyblog.co.nz/wp-content/plugins/wp-ajax-edit-comments/js/frontend.js?ver=6.1
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
cf929e11b42b085a4f5d5385314f7b7104d2e260a10691955ab6eed27f5c241f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
br
etag
W/"5e6428ed-589"
last-modified
Sat, 07 Mar 2020 23:06:21 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
wp-embed.min.js
thedailyblog.co.nz/wp-includes/js/
1 KB
808 B
Script
General
Full URL
https://thedailyblog.co.nz/wp-includes/js/wp-embed.min.js?ver=d860d08fab8817159afd19afefb90d35
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
br
etag
W/"601c30d1-592"
last-modified
Thu, 04 Feb 2021 17:37:21 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/javascript
background-2.png
thedailyblog.co.nz/wp-content/uploads/2019/07/
3 KB
3 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2019/07/background-2.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
6fdf2e738abfdce14ffdf46869ac63a03b357c9eeeed6a02411a68bb7714a0dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sun, 21 Jul 2019 05:49:55 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d33fd03-cbe"
content-type
image/png
accept-ranges
bytes
content-length
3262
truncated
/
121 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
elements.png
thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/
4 KB
4 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=61179afdbbd6a8d8c8a7f82ae3fcd87d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=61179afdbbd6a8d8c8a7f82ae3fcd87d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Fri, 27 Aug 2021 02:34:30 GMT
server
nginx
x-powered-by
PleskLin
etag
"61284f36-10e4"
content-type
image/png
accept-ranges
bytes
content-length
4324
newspaper.woff
thedailyblog.co.nz/wp-content/themes/Newspaper/images/icons/
120 KB
121 KB
Font
General
Full URL
https://thedailyblog.co.nz/wp-content/themes/Newspaper/images/icons/newspaper.woff?16
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/wp-content/themes/Newspaper/style.css?ver=9.7.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
0f74eda5ca917f0146ec28a71e0602f7a3b9dae063acfeecfe6549bdb165d47a

Request headers

Referer
https://thedailyblog.co.nz/wp-content/themes/Newspaper/style.css?ver=9.7.3
Origin
https://thedailyblog.co.nz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Fri, 27 Aug 2021 02:33:50 GMT
server
nginx
x-powered-by
PleskLin
etag
"61284f0e-1e17c"
content-type
font/woff
accept-ranges
bytes
content-length
123260
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.7.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thedailyblog.co.nz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 13:52:02 GMT
x-content-type-options
nosniff
age
366549
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 26 Nov 2022 13:52:02 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.7.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thedailyblog.co.nz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 13:39:48 GMT
x-content-type-options
nosniff
age
367283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 26 Nov 2022 13:39:48 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.7.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thedailyblog.co.nz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 14:02:00 GMT
x-content-type-options
nosniff
age
20351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 14:02:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.7.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thedailyblog.co.nz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 17:56:19 GMT
x-content-type-options
nosniff
age
524692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 17:56:19 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v27/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.7.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thedailyblog.co.nz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 13:44:20 GMT
x-content-type-options
nosniff
age
367011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47836
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:32:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 26 Nov 2022 13:44:20 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.7.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thedailyblog.co.nz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 13:21:56 GMT
x-content-type-options
nosniff
age
368355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 26 Nov 2022 13:21:56 GMT
pubads_impl_2021111701.js
securepubads.g.doubleclick.net/gpt/
345 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thedailyblog.co.nz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118578
x-xss-protection
0
last-modified
Wed, 17 Nov 2021 09:34:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Nov 2021 19:41:11 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41539225-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2404
date
Tue, 30 Nov 2021 19:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 30 Nov 2021 21:01:07 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=thedailyblog.co.nz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 19:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thedailyblog.co.nz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
229 KB
38 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Inpage%2CTDB_Top_Left%2CTDB_Top-Premium_RHS%2CTDB_Custom_2_Sidebar%2CTDB_BigBanner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x250%2C300x250%2C300x250%2C300x250%7C300x600%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1638300379&dt=1638301271907&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C1010%2C-9%2C606&adys=-9%2C-9%2C1126%2C-9%2C56&adks=1428025172%2C2170472645%2C4066769718%2C779929888%2C3305512707&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C324x250%7C0x-1%7C728x90&msz=0x-1%7C0x-1%7C300x-1%7C0x-1%7C728x90&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=false&fws=2%2C2%2C4%2C2%2C4&ohw=0%2C0%2C1164%2C0%2C1600&btvi=-1%7C-1%7C0%7C-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9e003d0a9b6e48625f2545c1c244c1fd60c90365a9ca4644d34f33f0c9565f6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39080
x-xss-protection
0
google-lineitem-id
5117564639,-1,5631716845,5631734098,5746352566
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138345394481,-1,138341317577,138341759389,138357154544
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thedailyblog.co.nz
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
48 KB
19 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Custom_3_Sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1638300379&dt=1638301271917&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=1424&adks=4041111758&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x44&msz=300x0&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=false&fws=4&ohw=1164&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0a175bce85730a96d2facacbcc6c6bf0c2ea2744dd519ee6089225cdfb88ca25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18973
x-xss-protection
0
google-lineitem-id
5668412368
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138369104301
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thedailyblog.co.nz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 567D
6 KB
4 KB
Document
General
Full URL
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 30 Nov 2021 19:41:12 GMT
expires
Wed, 30 Nov 2022 19:41:12 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mG3nm_a0D0U
www.youtube.com/embed/ Frame CD20
59 KB
25 KB
Document
General
Full URL
https://www.youtube.com/embed/mG3nm_a0D0U
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a701d12a41eefbeca1b94b18cb069f4923885dd86c72f2d132127d2eeb201115
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 30 Nov 2021 19:41:11 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/
48 KB
19 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Custom_Sidebar1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1638300379&dt=1638301271946&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=2588&adks=1376718479&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x21&msz=300x0&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=false&fws=4&ohw=1164&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6c43f80bf3ca6ced6a071c779581cf3f2d0b15347cc26cdc9259e20c3b69d856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19035
x-xss-protection
0
google-lineitem-id
5120109838
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138321021077
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thedailyblog.co.nz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
15 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Custom_4_Sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1638300379&dt=1638301271955&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=2609&adks=3845702400&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=false&fws=4&ohw=1164&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
29a6d5ddf0b6b4ce05fa86a77f46e23fa0469595b5a94e2e496fb66c9b309a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8366
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thedailyblog.co.nz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
101 KB
25 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Custom_5_Sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1638300379&dt=1638301271960&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=2609&adks=1997834511&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=false&fws=4&ohw=1164&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
39ba78bb21ee97e4a8dfbffe40468ca376f3888a4eba366ddda4bc4126fb0660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25428
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thedailyblog.co.nz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
87 KB
22 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Extra_Ad_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1638300379&dt=1638301271965&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=1010&adys=2635&adks=2066838578&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=324x0&msz=324x0&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=false&fws=4&ohw=1164&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
97bb377e81d07773db24552f566e2d1d99763837fb5ce826513d80c417f2012e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22946
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thedailyblog.co.nz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
125 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cc9f7888aa74f17e27205ad59ecf79db56b25123b30aa7913b5a6617206b58a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
Screen-Shot-2021-11-14-at-2.26.27-PM-534x462.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
190 KB
190 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-14-at-2.26.27-PM-534x462.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
090bfccf24b07e5178fe468500964411acd65badb135d0953c42743df50d41d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sun, 14 Nov 2021 16:33:00 GMT
server
nginx
x-powered-by
PleskLin
etag
"61913a3c-2f836"
content-type
image/png
accept-ranges
bytes
content-length
194614
Screen-Shot-2021-11-07-at-11.43.06-AM-534x462.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
454 KB
455 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-07-at-11.43.06-AM-534x462.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
51d8b554bc4b79dac28be002c0774228f4797702851be15a3c4dab20ab322492

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Sun, 07 Nov 2021 06:16:55 GMT
server
nginx
x-powered-by
PleskLin
etag
"61876f57-718c0"
content-type
image/png
accept-ranges
bytes
content-length
465088
Screen-Shot-2021-11-04-at-5.55.34-PM-534x462.png
thedailyblog.co.nz/wp-content/uploads/2021/11/
524 KB
525 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-04-at-5.55.34-PM-534x462.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
7bc2c48f13ebfcc7698e88eac7e5bf3b4a8ef162830496e8eb849917753c76aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Thu, 04 Nov 2021 04:56:06 GMT
server
nginx
x-powered-by
PleskLin
etag
"618367e6-830d1"
content-type
image/png
accept-ranges
bytes
content-length
536785
Screen-Shot-2021-08-20-at-4.56.25-PM-534x462.png
thedailyblog.co.nz/wp-content/uploads/2021/08/
270 KB
270 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2021/08/Screen-Shot-2021-08-20-at-4.56.25-PM-534x462.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
2b9a9e20a2087fbfe29c5ad841151f560719560927aab480b578abb759e3dacf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Mon, 23 Aug 2021 17:33:53 GMT
server
nginx
x-powered-by
PleskLin
etag
"6123dc01-4366c"
content-type
image/png
accept-ranges
bytes
content-length
276076
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v27/
31 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.7.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thedailyblog.co.nz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 04:45:57 GMT
x-content-type-options
nosniff
age
399315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31272
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:45 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 26 Nov 2022 04:45:57 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=833964476&t=pageview&_s=1&dl=https%3A%2F%2Fthedailyblog.co.nz%2F&ul=en-us&de=UTF-8&dt=The%20Daily%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=597139017&gjid=1900242360&cid=1271377222.1638301272&tid=UA-41539225-10&_gid=113896429.1638301272&_r=1&gtm=2ouba1&z=57406350
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thedailyblog.co.nz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thedailyblog.co.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
104 KB
25 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Custom_5_Sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1638300379&dt=1638301272064&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=7072&adks=1997834510&ucis=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x44&msz=300x0&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=true&fws=4&ohw=1164&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0beadc559ed158412d3e2c05023e3d81b622f831cd2398748f5ad38dc3c909a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25773
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thedailyblog.co.nz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E141
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8ed-Z847yf1FRFk0gOyiqlsTCJpwFFalP-s-KNFb33T4GfwCIJyWTvo18DxucBfhg--HHObFlUJXZY_TzfFph8F33F9uukYlPueB5SDwkuKDRtP4_koYEWm6DK7g4B8CvnJxTu-WqsNQisy7ZqzUZSsmSnqI1ICYm1fJK0zxkpyt-72Urf1a5B_qfE2GBvdZrVxnOhZy2aVcp1lElpRRWB1OwgCIJqCYpQNk8fW8vzxxnm0serH04Xn1pesQOtjcBc7abdLz4XWrn8BD_e87HZ04mGlGwuDrgOHNQV-MRRfOzWnIfVodxMGZtyETBH7oldIk&sai=AMfl-YQPrIo5y-sBKP_371a941joSCgqXRI34XxZImnlk5erx7ma1f0KqhTB-Qt9boqbQfoAvGthdZWuNQzYD22QZBiJ86u4c62RJRGUc6gPPAJdlD19KDLR8Du6x99VxR1U&sig=Cg0ArKJSzIumhKAL1ruGEAE&uach_m=[UACH]&adurl=
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 19:41:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 30 Nov 2021 19:41:12 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame E141
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:56 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame E141
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E141
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Nov 2021 19:41:12 GMT
l
www.google.com/ads/measurement/ Frame E141
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbi81M6n-EFGHcjV95IldSSMsSZQ0CggCNMM9x1mpmz1-3MdLOSPJrq201uP5Ibz_HgdXqPpAmEuf_tMkEz67c3uE5Hw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

12816479813386492085
tpc.googlesyndication.com/simgad/ Frame E141
13 KB
13 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12816479813386492085
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9616efe33dcade754cca2b451c6fa9b65c28f2a717c7d4bbc076e3ae11d5992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 06:44:50 GMT
x-content-type-options
nosniff
age
46582
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12862
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 19:46:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Nov 2022 06:44:50 GMT
ads
securepubads.g.doubleclick.net/gampad/
90 KB
24 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Custom_5_Sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&eri=2&cookie=ID%3Db9c062c731419ff1-227510be1bcc0018%3AT%3D1638301271%3AS%3DALNI_Ma3nIQGjS-9UqCuck1u6ykdB7iTKQ&bc=31&abxe=1&lmt=1638300379&dt=1638301272112&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=7742&adks=1997834509&ucis=c&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x44&msz=300x0&psts=AGkb-H9ngbzE9TrFdBKEmWAWfA_7sbyuw4BPVJRJ8_msPbQ5U5JOD2rlT1f_M3fS8jn3lf1pz8pptqT-jOzR&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=true&fws=4&ohw=1164&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7bc56885b54f01152ef604104f28278df6209a546216f0e2c133a81ff5999e06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24828
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thedailyblog.co.nz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Citizen-A-KL-MB-MH.png
thedailyblog.co.nz/wp-content/uploads/2013/05/
224 KB
224 KB
Image
General
Full URL
https://thedailyblog.co.nz/wp-content/uploads/2013/05/Citizen-A-KL-MB-MH.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS
vps1166.lnx.vps.isx.net.nz
Software
nginx / PleskLin
Resource Hash
2e48e1678c508bc7a9fc6eaacdd41f084266964cef2376dc9cd86b95ec4ad9dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
last-modified
Fri, 01 Jul 2016 02:13:31 GMT
server
nginx
x-powered-by
PleskLin
etag
"5775d1cb-38062"
content-type
image/png
accept-ranges
bytes
content-length
229474
ads
securepubads.g.doubleclick.net/gampad/
438 B
257 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Footer&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie=ID%3Db9c062c731419ff1-227510be1bcc0018%3AT%3D1638301271%3AS%3DALNI_Ma3nIQGjS-9UqCuck1u6ykdB7iTKQ&bc=31&abxe=1&lmt=1638300379&dt=1638301272120&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=9044&adks=2328761135&ucis=d&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&psts=AGkb-H9ngbzE9TrFdBKEmWAWfA_7sbyuw4BPVJRJ8_msPbQ5U5JOD2rlT1f_M3fS8jn3lf1pz8pptqT-jOzR&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=true&fws=4&ohw=1600&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6abd20d7799972da16c835c68da65121bc4722c77bb62b0a4d4c62cc87f205dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
226
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thedailyblog.co.nz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
441 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-41539225-10&cid=1271377222.1638301272&jid=597139017&gjid=1900242360&_gid=113896429.1638301272&_u=YAhAAUAAAAAAAC~&z=476865949
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thedailyblog.co.nz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 30 Nov 2021 19:41:12 GMT
content-type
text/plain
access-control-allow-origin
https://thedailyblog.co.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
counter.js
secure.statcounter.com/counter/
39 KB
13 KB
Script
General
Full URL
https://secure.statcounter.com/counter/counter.js
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9573e931158bcc83146a7882d6c298c1adf3828b6c785af7cbb9fd9d25ad884

Request headers

Referer
https://thedailyblog.co.nz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Oct 2021 11:08:17 GMT
server
cloudflare
age
30029
etag
W/"61656ca1-9cdd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
6b668d470f124a98-FRA
expires
Tue, 30 Nov 2021 23:20:43 GMT
www-player-webp.css
www.youtube.com/s/player/10df06bb/ Frame CD20
336 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/10df06bb/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c55743b58d342599d6de2048f24e73a34db12343acaf87b41083cb90d35304f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/mG3nm_a0D0U
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 12:05:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
27363
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47200
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Nov 2022 12:05:09 GMT
www-embed-player.js
www.youtube.com/s/player/10df06bb/www-embed-player.vflset/ Frame CD20
215 KB
70 KB
Script
General
Full URL
https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5241d3458a6081971613b26af579e3e5bb320d399bd699bf0b943f72f10271ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/mG3nm_a0D0U
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:07:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
23609
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71977
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Nov 2022 13:07:43 GMT
base.js
www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/ Frame CD20
2 MB
523 KB
Script
General
Full URL
https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ade01c43a6a30c054628dabd4b086ca6566c6421ed69ccb37af29c642cc50c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/mG3nm_a0D0U
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
13118
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
535067
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Nov 2022 16:02:34 GMT
fetch-polyfill.js
www.youtube.com/s/player/10df06bb/fetch-polyfill.vflset/ Frame CD20
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/10df06bb/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/mG3nm_a0D0U
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 06:13:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
48445
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Nov 2022 06:13:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CD20
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:06:41 GMT
x-content-type-options
nosniff
age
9271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 17:06:41 GMT
t.php
c.statcounter.com/
348 B
696 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=11553132&u1=9385628C54634F5DCF09C56971DC6A94&java=1&security=2e55f0b2&sc_snum=1&sess=30eed3&sc_rum_e_s=3218&sc_rum_e_e=3224&sc_rum_f_s=0&sc_rum_f_e=3210&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//thedailyblog.co.nz/&t=The%20Daily%20Blog&get_config=true
Requested by
Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b228b131f5265f370bf12a87c6a517aaa06fcd9f53adce94ecf5805fe3d0b60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b668d4778634a98-FRA
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
https://thedailyblog.co.nz
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
player_api
www.youtube.com/
980 B
512 B
Script
General
Full URL
https://www.youtube.com/player_api?_=1638301271560
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c5213ae9607e223883edb6fc2e766c15e2de3916e76855a226f8b539cce6b2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires
Tue, 30 Nov 2021 19:41:12 GMT
truncated
/ Frame E141
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
037a1f8c14829784d3d6b6eb8889da5c955e253440c8f587ea65a14451dc1549

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame E141
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSXYEjcy3FMake_mvtscBH5oz5S850pb0EKOP_FkHznGI6HFEqHJH61rppf0wniCbM8SBg7LDmw-MQwGD5ly0AmOs-ZHu5zNPRMGWHkMuNjy0JS6TWpP3pISsr_4SN0EDGiTJyk2bfHTU7YVHbGvHkWZBnEUfm0Bsp36FYQNi8xQNvnm-l5ylUSU9lFs4of9c5CTtFUlvGCg5ddseP3vYZdRRT5jS5S_uGnpTmKMUG8xPQoKNUoe3KDeDbl11EdZYNL6661dAP4Jm724PmNTxB73yOl3D4DqpEADl4RkLtu7ICN3Hqk11RXlMX2ccra9aT5SPaoQ&sai=AMfl-YQUYYXUlnO0alGZF1wJSh1tApk_HrG26DyRa0vhFww7YEUeIRuHJ6yJbJoc3L4dk8eLBTNVlyzVk2Cy1p-9_kNHJJPyvBQPdLDuHAxIgTVWAgCOdeEmYn0_8bKrCH68&sig=Cg0ArKJSzFMhyO_2LzgTEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 19:41:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 30 Nov 2021 19:41:12 GMT
www-widgetapi.js
www.youtube.com/s/player/10df06bb/www-widgetapi.vflset/
146 KB
48 KB
Script
General
Full URL
https://www.youtube.com/s/player/10df06bb/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api?_=1638301271560
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7baeed670b9dfe277223ef349839f35391de32a5c4df26f241c90c1d878a30fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
12824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48723
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Nov 2022 16:07:28 GMT
id
googleads.g.doubleclick.net/pagead/ Frame CD20
113 B
723 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e64ecccb52fdb8676562da8fec80716ca7138b6d139422adfce24eec42c4eab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame CD20
29 B
588 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:27:28 GMT
x-content-type-options
nosniff
age
824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 Nov 2021 19:42:28 GMT
remote.js
www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/ Frame CD20
94 KB
29 KB
Script
General
Full URL
https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54f22aa5e8ca501f9a326bb2bfd66cda703af49194cbca042413ce710855d662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/mG3nm_a0D0U
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:02:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
13115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29859
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Nov 2022 16:02:37 GMT
TEwuquBp3QwJuFHIV_KXdL761CQTMLpoUpbSVkNeo80.js
www.google.com/js/th/ Frame CD20
35 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/TEwuquBp3QwJuFHIV_KXdL761CQTMLpoUpbSVkNeo80.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c4c2eaae069dd0c09b851c857f29774befad4241330ba685296d256435ea3cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 15:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
103020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13375
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 15:04:12 GMT
embed.js
www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/ Frame CD20
24 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b79552b464a6cae059926b71822dc20c7eeabec6336b43b6d3074f00561a9e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/mG3nm_a0D0U
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
13121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7355
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Nov 2022 16:02:31 GMT
truncated
/ Frame CD20
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
AKedOLSJ14sB0CtJhMb88MGQ786nK_zDJJYJo4Pf5scO=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CD20
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AKedOLSJ14sB0CtJhMb88MGQ786nK_zDJJYJo4Pf5scO=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
353dd6889e2b035cfcc5f805e5422819a218a618f8b6ce7380c1ae1f2c2e0d18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:11:10 GMT
x-content-type-options
nosniff
age
9002
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2595
x-xss-protection
0
server
fife
etag
"v1d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 18 Nov 2021 05:35:09 GMT
default.jpg
i.ytimg.com/vi/mG3nm_a0D0U/ Frame CD20
4 KB
5 KB
Image
General
Full URL
https://i.ytimg.com/vi/mG3nm_a0D0U/default.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5f671e0af697ecab4baa111def1d10fc177a156542554c954adc63c33ba9ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:21:48 GMT
x-content-type-options
nosniff
age
1164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4051
x-xss-protection
0
server
sffe
etag
"1637801908"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Nov 2021 21:21:48 GMT
truncated
/
171 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d54dcd77074f01887904d8c513df01f4263607b438f5a98a3366f192b908d75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
cvga01tHYRc
www.youtube.com/embed/ Frame C51A
60 KB
24 KB
Document
General
Full URL
https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f5bb2c93033629733463ca6445e17b5e6d1978a4d62ed5910216f7c598337d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 30 Nov 2021 19:41:12 GMT
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding
br
server
ESF
x-xss-protection
0
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame CD20
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Nov 2021 19:41:12 GMT
generate_204
www.youtube.com/ Frame CD20
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?sK9iaw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/mG3nm_a0D0U
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
www-player-webp.css
www.youtube.com/s/player/10df06bb/ Frame C51A
336 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/10df06bb/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c55743b58d342599d6de2048f24e73a34db12343acaf87b41083cb90d35304f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 12:05:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
27363
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47200
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Nov 2022 12:05:09 GMT
www-embed-player.js
www.youtube.com/s/player/10df06bb/www-embed-player.vflset/ Frame C51A
215 KB
70 KB
Script
General
Full URL
https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5241d3458a6081971613b26af579e3e5bb320d399bd699bf0b943f72f10271ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:07:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
23609
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71977
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Nov 2022 13:07:43 GMT
base.js
www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/ Frame C51A
2 MB
523 KB
Script
General
Full URL
https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ade01c43a6a30c054628dabd4b086ca6566c6421ed69ccb37af29c642cc50c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
13118
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
535067
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Nov 2022 16:02:34 GMT
fetch-polyfill.js
www.youtube.com/s/player/10df06bb/fetch-polyfill.vflset/ Frame C51A
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/10df06bb/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 06:13:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
48445
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Nov 2022 06:13:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C51A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:06:41 GMT
x-content-type-options
nosniff
age
9271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 17:06:41 GMT
cast_sender.js
www.gstatic.com/eureka/clank/96/ Frame CD20
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/96/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15236
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 15:10:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Wed, 01 Dec 2021 13:57:15 GMT
id
googleads.g.doubleclick.net/pagead/ Frame C51A
113 B
159 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f67468353051bd55e02f4851f957e9ee695c3f1e5a6b5353503ca548d2a62bd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame C51A
29 B
54 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:27:28 GMT
x-content-type-options
nosniff
age
824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 Nov 2021 19:42:28 GMT
remote.js
www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/ Frame C51A
94 KB
29 KB
Script
General
Full URL
https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54f22aa5e8ca501f9a326bb2bfd66cda703af49194cbca042413ce710855d662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:02:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
13115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29859
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Nov 2022 16:02:37 GMT
TEwuquBp3QwJuFHIV_KXdL761CQTMLpoUpbSVkNeo80.js
www.google.com/js/th/ Frame C51A
35 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/TEwuquBp3QwJuFHIV_KXdL761CQTMLpoUpbSVkNeo80.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c4c2eaae069dd0c09b851c857f29774befad4241330ba685296d256435ea3cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 15:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
103020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13375
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 15:04:12 GMT
embed.js
www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/ Frame C51A
24 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b79552b464a6cae059926b71822dc20c7eeabec6336b43b6d3074f00561a9e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
13121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7355
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Nov 2022 16:02:31 GMT
truncated
/ Frame C51A
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
AKedOLSJ14sB0CtJhMb88MGQ786nK_zDJJYJo4Pf5scO=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame C51A
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AKedOLSJ14sB0CtJhMb88MGQ786nK_zDJJYJo4Pf5scO=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
353dd6889e2b035cfcc5f805e5422819a218a618f8b6ce7380c1ae1f2c2e0d18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:11:10 GMT
x-content-type-options
nosniff
age
9002
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2595
x-xss-protection
0
server
fife
etag
"v1d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 18 Nov 2021 05:35:09 GMT
maxresdefault.jpg
i.ytimg.com/vi/cvga01tHYRc/ Frame C51A
90 KB
90 KB
Image
General
Full URL
https://i.ytimg.com/vi/cvga01tHYRc/maxresdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c240a5146daf94f9fa762825b3d88545b0b8301b261ff0782b22016c17fc8add
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:39:19 GMT
x-content-type-options
nosniff
age
113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91733
x-xss-protection
0
server
sffe
etag
"1629952402"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Nov 2021 21:39:19 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame C51A
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Nov 2021 19:41:13 GMT
generate_204
www.youtube.com/ Frame C51A
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?ICGdOA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/96/ Frame C51A
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/96/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15236
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 15:10:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Wed, 01 Dec 2021 13:57:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2273
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnQHqRL-c_NJBAftHB7O53NrOWhpoQGBqC5ydRbQFvgIvu38ugIvR8N1VEAi5xbuQe6ivAt6wk6DR8xRT94IFp7MIF7mBALy51mS64mXRRGKwmsLJ6YT_P5K7YI-5QV4GQWpBT6Oo1NcYOLM5_krwHXsXhm5o-9pFiz5r1HjVbwD4M0rDaQM6E6ZKW4VYZo7ZvcbSswV48PmPgTFuxw7J9L6s_afdISPVER0Cw9ZG80z5V2457uz20zz0c54UUGN93kS4rdoKl7QgjGKVjlkNR-C2VctULNVqRbV2Poo8MR8DOMKTb4DYmzcQ_IQM20yIhtWRwQA&sai=AMfl-YSJuZxmU8R1xPdQczAIyJlhDS8rmmZw_NHHAbO83OxhCWUA3QZb1QJrPVkHlWcRscuO9SYgRGK2bn7_h9mf3Y1_9iEAkj4bNMy1v6TzGdYdqh775Sndk4Y-1LVF-3c&sig=Cg0ArKJSzEw_AcTe4ZwYEAE&uach_m=[UACH]&adurl=
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 2273
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:39:58 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2273
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2273
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Nov 2021 19:41:13 GMT
2583571175871041583
tpc.googlesyndication.com/simgad/ Frame 2273
50 KB
50 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2583571175871041583
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d9b4c9c0fb4555dc93155778ce71c918f42a46e212d1e1358eeca27df4135c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 07:40:01 GMT
x-content-type-options
nosniff
age
561672
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51163
x-xss-protection
0
last-modified
Tue, 25 Aug 2020 20:32:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Nov 2022 07:40:01 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame A0E3
189 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Sat, 27 Nov 2021 16:21:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 27 Nov 2022 16:21:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A0E3
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Sat, 27 Nov 2021 16:21:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 27 Nov 2022 16:21:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A0E3
89 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Sat, 27 Nov 2021 16:21:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 27 Nov 2022 16:21:32 GMT
amp-bind-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A0E3
39 KB
14 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-bind-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdc5c77fe8175f57d1dfab4cfb8085616d8134bc78125aef0ad20e94eabea2f5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
603366
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13809
x-xss-protection
0
server
sffe
date
Tue, 23 Nov 2021 20:05:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6246efd7e09cdfdf"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Nov 2022 20:05:07 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A0E3
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Sat, 27 Nov 2021 16:21:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 27 Nov 2022 16:21:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A0E3
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
271181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Sat, 27 Nov 2021 16:21:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 27 Nov 2022 16:21:32 GMT
css
fonts.googleapis.com/ Frame A0E3
3 KB
579 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 17:51:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 30 Nov 2021 19:41:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Nov 2021 19:41:13 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 16F0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQLMJtXsmgxc3UbgEcTHrJJAxwvPyyuVJwFL8kgJ3L07esmMuZJiPQaPa6Vv-jCq7Qah4E_36isBecvfT0MA41POHjr8mhE0M4QLcByq6y6olI8k5JIi9Je3GB4YyuyTi3CVf-ZUT6BOCy1G3ncCBHvrTEzUOpzIACFr1aPRED9DCGFEtuzu4jHM9sSblf9jIxm0hEFY-IAouoBRLkpCHeE7_r2gqE3fSBhqh4dVSSXZZ_VjoZZHnpH4jwaQnijJ7364BnPnJUdDxcX1EF7tTYh89ClMyO6RkEwznSgG6xHJxRt3eQZDkir2cFSXL4cSRGnsKeqQ&sai=AMfl-YSqKD3JarnMlaFvuDHuT-mcxjyBxXq0kmiwDKohqQPl6ZsUDf0KBmThXByUKNajbqwCMGY1A3zGJgSkP0DpdvzJp7wNeCoKBp9tnXJaB8CwLJ-bwNQDW91aawET5TY&sig=Cg0ArKJSzPgkN1KhUeTKEAE&uach_m=[UACH]&adurl=
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 16F0
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:39:58 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 16F0
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 16F0
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Nov 2021 19:41:13 GMT
l
www.google.com/ads/measurement/ Frame 16F0
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUBitoObDfcB14Gk6siJVBn7PiHaSUcAhkzpSEmaGGNnK32Pf6XzMqlWwKEMQ7tQU-zjFPMScvnmNri36oSrUrhu5FIQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

15515833803270513543
tpc.googlesyndication.com/simgad/ Frame 16F0
41 KB
41 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15515833803270513543
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7414c20598c02f964afbaa5f423af72885050a7aa71a363711b1c0a49fb37bfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 18:08:08 GMT
x-content-type-options
nosniff
age
178385
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41923
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 22:42:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 28 Nov 2022 18:08:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3728
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuX2GNv83mVt47UgwSKVxCSVWBmxNUc7Zx5TQhRTdV1bkMOZqhAwcE6ubRb4bWwdqDvUFX-vTzFYl9dsr7-RRPQNP3csh9yv061Bl3d454QJRaF_8w780_IIGQzigQ0SUq7gRlZWKYG5SbAJ6Q7trfKMmBXildLiDScerQQpG_qSUZdGRqLip0hfTI2TPp6P2X3oeZtGWD5KWjus8VJ9n3STTelG0N36Dn1KNWtJcQCFeaePJZ2SjllmHxP_LawqnlJhr-gzixHrFWNxyQiHWC045u9zDwQjBwIKj3iLxFWBbJAviK1p_UILvVRNQU_sCOXnexgdVw&sai=AMfl-YRnO8c9uitpFC0NTIB9YT_F0sSrgRA5a7BbD-VJiqYZvKEWoSGd5GzwRbxwsX8A7jv5Q1RVAgwE5L5lS8oO_zD0Qvp-lWjC9KyUaj24g1wE4hoUZZW4hTyWc9NgVHs&sig=Cg0ArKJSzFtDcBFsIeUzEAE&uach_m=[UACH]&adurl=
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 3728
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:39:58 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3728
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3728
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Nov 2021 19:41:13 GMT
l
www.google.com/ads/measurement/ Frame 3728
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrtqwklUBlbngznOCwDxaEDmsvDTR6639WN4orkX3iN9tqhROZ_K53YNessSrewBZYxA5F5T7Fw4QavZg-SgEINivT9w
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

17339819649150446487
tpc.googlesyndication.com/simgad/ Frame 3728
23 KB
23 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17339819649150446487
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
749b1c397eff7ebda926c547943bae2e1f0d12b9dc5c30c60e095402080f705c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 05:29:54 GMT
x-content-type-options
nosniff
age
51079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23472
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 22:48:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Nov 2022 05:29:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B6F2
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbYZfvdBYPC1UkpzU_mzCfp5FLLZZd7m6TsqnlyGcb_xUEJAtlBoDTPFs34cTBqsR8f7WH76HRvVNop9HJIdx0l6KkvtRZRjZgb9_-AnH9uxxvkdVL2Dp4nY2t1VVZSt9So0CajwnorOoYJlQARwo06SJR0Aqa5xAzawTqPOyhVc6ispz0oVt1ht_F1VaBPYw3CIAKAlJTeMHc4im-W1rcZVvKoSPBe5js7xgk-bRKmWqAEz23EBKw_tcCJ_8K2wCsIhPuB8v7ik6NkZ4TYTDgXAIb5a-0aY-4fMLITHmkf1mkPGrtoRNW-L_5uX80m-rRv0aSABMICjY&sai=AMfl-YSIyE6ZR9WtzlPc00spMEqVzy658B7il8zVQ7WeZ2_zj6zCuBuryGny1F93eDk78__r59bApKy5JB3d8L3UD-xzsaNjbhFnSJtLHE-6q5oZuF1I_3n1G_8lU-NrAw0&sig=Cg0ArKJSzJus4PiIG4IGEAE&uach_m=[UACH]&adurl=
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame B6F2
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:39:58 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B6F2
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B6F2
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Nov 2021 19:41:13 GMT
l
www.google.com/ads/measurement/ Frame B6F2
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxIbYf_sw9c78o2tEXKt-En37v6k9KWnok1f9QaVouVwQDJHs54fSSBbGSfNuMkoX-awO8kMLOhrh56UI_hPET-Svxqg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

17477597680110236569
tpc.googlesyndication.com/simgad/ Frame B6F2
66 KB
66 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17477597680110236569
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0c275307b8e5e416916a37725bb7a8561bc98648534ebeabfe2c5402957e23b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 04:15:32 GMT
x-content-type-options
nosniff
age
401141
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67569
x-xss-protection
0
last-modified
Fri, 23 Jul 2021 04:59:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 26 Nov 2022 04:15:32 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A0E3
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 09:41:39 GMT
x-content-type-options
nosniff
server
cafe
age
35974
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 01 Dec 2021 09:41:39 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A0E3
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
35288
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 01 Dec 2021 09:53:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A0E3
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Czx22V36mYY2SPNSIlQf38rmYAYz43N1mhYjzxoUPwI23ARABIKLf0SBgleKQgqAHoAHEhseeA8gBAakC2daWD8ERsz7gAgCoAwGqBKsCT9DMjgfbO_20Z2eYkJGh1HRLywdf9eNJQfWS2aZaMhdTZwQ-28lr4Rd-tmC-QXmW5EdrEbA7VDbhKkeRXw-oPWh6qw-gajhds0vRpobFwV4fL_WyneQtWnygZzG0pBiHcHlLlC_bB5gduzTkbMYVkQiNoMXdb4nzkNaMKbG3xCZdB_T6LSzcMsws1wOHQAOV8k06dBTI-4JXiu13NurXma9bwdfflZ8WMVy3aQk0TRATZtCyOxfnviPYh8VY3eB_3JYjjeTknpb_KIs3Wq54Td0nvpz0JeSrO53E2vkcWmR7wFNggU0VC_ByMZ6ydAclvZ9eW3zzf8FvRcBTzjpKU97SqsgR_Xa7PptFdYq-lwik5wHGkvGrOYZPZyxaVYL72R0sn4qrum3mvVPABKe6rtfvA-AEAYAHpPm4YagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcDEIZB0ggJCIjhgBAQARgdgAoByAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTYyNTExNTU2MDcyNzUzNDQY8vQU&sigh=hq9ky21-8LM&uach_m=[UACH]&template_id=5001&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame 2273
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVI14pPYJugzLjwHVtNDgDqBLOxIQ6m9STHE50cEW2F52RJsNjsli37tuwCjhNf9cs5cwK-E-NvqqNNSRCh4E5JH9Fv8bNMqwKbLmr-x5Hd7S9owGZebjld-1FaeB7wXeBR9TXZAvIVs2v4Lu1RSvEPB9PWP3xEYD6XtxHHgCTJZFdcP5lOzJw8ummOrk3SAmeKZZGLLsqh6tkZNVjXu8T8ab_qlvHDttWM8iDgtr69VRclnD5ijD6howQStxkAfi-VV3ZYQkVdPif0xL65NFamvog9FU4XuJMcn6tGJuKXB73_Sg2YGgK4-nZwwX6WwpJKUfPKyof&sai=AMfl-YT0l9uJt5ps4eaIut4j3XGWRpGUD3JL0qSmKbC9b5JmSjVoTMH6QcnqALfb1Vj8nyQqofhsHZ7Dfx37FVKqhcGMwIHB_PpBNNNh_pkoJsNBLlZTLcn5OaFnMJ79x1Q&sig=Cg0ArKJSzAxb0bZWRZUtEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 30 Nov 2021 19:41:13 GMT
truncated
/ Frame 2273
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35042c496581e1d0b6f8b29ce448b35444c90cf4616a80b70331429aaa2166e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 16F0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBV38E-474MolMlnNVzcZwyK2j4k3EkFB8nkvHqKCQ6Wgw0aTKgkUhaLAtfGZKNb9f_vWBAkU6ENIePMH3FT-4-4tREt6Y35fPorLmGv99Vco2QB6k4Cc4viUm2jF7bLISNQCZH3sMjqLbM6Det-kBd4bfddz8v8rercvLiGrQJlgI4zo0jS-57TfVfAruzXh3eU5y7Jtn4fId92U3kiy7HdqF9eOA3IdCJEjEpQ8Q8pYhdB1Kv08gqrh4HfIxsX4rdWZ0KUkvzaCPwRRlVul0FrkrT5QIa4KtS532US-L-S6IgaLWhmekYsufE3WfNSOuFSl2DAGN&sai=AMfl-YTDtJYNMHOWwf3EmJuNICvtBgF0Pf5OzE1QHhAeVKem-oLhNpCFvD3qUjsfBGV_Uqlve2i1NLaIfS3n_NYG0GDrYK0faflHg9oL7B-KzYnwWh8hUIKl9sXhK-9Tnks&sig=Cg0ArKJSzO94gNl8OBtmEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 30 Nov 2021 19:41:13 GMT
truncated
/ Frame 16F0
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
872c97ba4a0520a75ad0e159768f93c47220ace2f07978ed667101a88b17774e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3728
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUau5MkhmuWqg2FQ_SN47SZBrNlw-Oux6mouH5oWLh24yAu9SEs9Vb47SGWSU5gD5DRO6JA-CzP_8uur_nxqwi5NPcVxxHLHIfqv0xv9Irouv0AoILxP8UTjYvm9wD4CCmZWr1_vKS9bTAPyug0vAujaHO5DUzfM5ZELEdk4p9Ds_AL_KaYQbGrRAyG4p1DKZElNsEt3jTsaLbq-P5rNoxOhX7dOPncloW2Ounp1hldZ7cRDG8HrqbGQoUOHgl2UpbN4PWdmca2d9D8xBMzcX--TAB6XnjjTp6DEG7b0U3rzaRNzunWMqpS2e2A4bw4k6XwTLlJ52Rcw&sai=AMfl-YQhazJdGLFSom0lqRzAMJdlluh7dZkvMANXnNLpkf3T8NC12JWWcUyajEypwv6SeNu7ns4t55DHwVpeX5zqRNgEg6QrBd8VPA16pruPHaL9LR38G_SrTCTPd4L01mk&sig=Cg0ArKJSzNlZf-yw-Wa3EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 30 Nov 2021 19:41:13 GMT
truncated
/ Frame 3728
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b5623b4ad4e21e08825566ea685829f4a8a5b570ce1709a75f27e0a35d5967f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B6F2
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH_8eKEwWyicAc_2RaFcAyy9V-FP5vtbiUsOoOZ3Cq1_mPMxVqssMzw0FA5L0imxrkJJfyKHPqrHuitCNg5f1CT1rEUpNS7bYgGy8_ZYk6raPvwyywxIcv0NFwIHs5GBul1zdI-XuauBHrIdEvV151z0koI49yB1anITSYzyDRBNzmWlaWNzByl7ChAoRapol1NViFsiH_RPykfN7KHlLeg4htnjc8M7fh75A7xW8x9Cs76gUaZewqDn_xjuymxvmkmqMUY3damvSHqu-89Th8gsaKSL8TF74XH1hM5yMUgfZ_iF303qIzkSifFsI&sai=AMfl-YRpAjNRhMqHQSrJVRTF4GdpdpeyEEeI1ZFLRGib5v5KpY9f72uank2MhEP0w9BNwKL9aHpTpihF2GbrDxQ0sRI8vZ42_u7auVObDNhKXs2pGs7AIU5C7NqckxYv3pA&sig=Cg0ArKJSzANqclEzbpihEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 30 Nov 2021 19:41:13 GMT
truncated
/ Frame B6F2
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebf941cf3b118bbe070e35c2ff116f3285eaf846ff87bb4b5119c8a496b683f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/17663047172003170444/ Frame A0E3
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17663047172003170444/downsize_200k_v1?w=100&h=100
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7056c0a72648ef2f7dc77f9ba194755c45df5c9f7cc31eb6cbaa465f15c4945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 16:57:38 GMT
x-content-type-options
nosniff
age
269015
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2457
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 11:53:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 27 Nov 2022 16:57:38 GMT
truncated
/ Frame A0E3
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3030cd165935e13129a538d05355e4cab04a5291003e37ecec8245cc513bcb8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame A0E3
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thedailyblog.co.nz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:54:46 GMT
x-content-type-options
nosniff
age
9987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 16:54:46 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame A0E3
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thedailyblog.co.nz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 18:21:26 GMT
x-content-type-options
nosniff
age
91187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 29 Nov 2022 18:21:26 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A0E3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H3
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date
Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ww.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame A0E3
44 KB
13 KB
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/ww.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12b5a0cd92c9c7b2dc1eb27e61f457f3aea8a63efdb8730379b69b5699760f5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://thedailyblog.co.nz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
592570
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13267
x-xss-protection
0
server
sffe
date
Tue, 23 Nov 2021 23:05:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7efc785ca7345398"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Nov 2022 23:05:03 GMT
container.html
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A3FD
6 KB
3 KB
Document
General
Full URL
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 30 Nov 2021 19:41:12 GMT
expires
Wed, 30 Nov 2022 19:41:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 53CC
624 B
299 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUlpG4Tib0GGJ5Xlj79lvlubCjzRodl5dTfZKOZoVfa1Z9qo0CwakeQlB73AzS0zTGIXDCD48Mu4alrhh5bglyCuslrbghkb5viEJes4PcJ3HhrYwtv2J3ZFH7s3avfcWzg8FnRkmhdEY9Sw0hNedCe5lXDAzGAfVc0uraKosjKSVuEn-8
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 30 Nov 2021 19:41:13 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 30 Nov 2021 19:41:13 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A3FD
25 KB
15 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz1I9XFI222RypnbgRUyagSY4nQmc45xrP1cqrmfwUOBbSyvILdVpZ5WZjwN3YVopiEwXgiO9YcfFXXxBMadwyBjmvlhnvnU2lBrC-H3OHUt72NTIHywiCi4FV1wAA_MQiG6RDc--uaq6ujODbNJ71Kay7Aw&cry=1&dbm_d=AKAmf-CjPKMcnphgB9tYnClSYd_3PjlWYKiitP0-33h_jnEGTSYmKfyPFZNHnQh9i2f7OrFKhBzQCgeKAXFDADRCsUWYsqaixAnAIMq1ZfMt1jr8rBaRhyMZPvqY7DEI5hXGIsRn6bmhv06GjRW3Hw74GDIsgxWATZAjU-uG-6wfdXWBLiYPjtlJC9KDO67LMBnW-O2Y4WKGc-XnO00gVLEBsGhETV5RgaC-ywyDB4xAk3u7UJdXtjnyDWwJBcbnAiOjsLE-0Dn6-eogrA5qozGOp9nldSbyCuv0b5U4ztOiVm7dogyIhH0QQZytZp4jiQUQqFXKCfbKeHomyZbNpuZ-xhkRcIruHHAMolH5nEzmzLQY0EjjxiXBwWfw_wSm6VjXtjsH9iRFD1MINEHFdU5Q1LZdCsBf9f92SAOQtVlRfsM7AQht8MRiiOoDldAOJQL1JmwvCASOqbrx7Z8-eIqeuNzbtFnxOd9BJT80JabL8sB6Wxn85MGmHpLFO_aG8pCJhDOnh5uQ3o5nLQqqZn-Y7zI5ObrLC64cX0Lx5yMVJNuede5kylBjKxbzj_DqjHfSR6dC0yLCmeOW_UyqdBnvIF16x1u-E7CqAJbobxLofvINN56kaYeb-JZwp1lCrN9or0hfA09i4quu8vs1hwonJsuzpzZj5NsbOIgdYgMZi_9vZwebDMxCumkYuCMehJd3niT9stkMyQ0TZ1FkaPSti3Q-AV_2EyC-C4gaxcLUqi5hBqpnXTSg31LqSeKfyTpDj0J-TbyO7r6UqbsiY29WnlHk7wddetA6rgg8DJAE1l_1SuA-j4thBCaC0dfw6z7wvVl1qMPICRDAhL6_P0CPbG8rz0afWlbMi9b0QT3TFcB13y5lCAO76PCzqwgq7NfetRE48l5p8SplXqn1FQRSXvoM_Jc7rrf13DrukDw6q0kvLDKRprdVJF9pjWUFsxx0mLFYn_VS45vu2ghf65fVbieGZJ9YeSG04lQKHytgVRdSwYI-ug-aH6VE1n1fDnAEj1dSgL0Iw-hjNoG4nkoldbJ3tY5VflLQwD1-npqzmHPQk3nh5kRS7t1wZqvU2xVCkj2EC4ftkLS4AgxdNfDXVUB58z781HhaC9Xq27yYeuVGdW8OZI7Z0e_CThY0MguaY6kCPYMgfOnWK3qKaOrAod_881zMC_G61Cg6sUifIow0dVEAEMfZWzl_3obJfJEyORUNvoE3WRjsFi9c8zsErIwMZZfxMcy82wx0w5UV2Mw58VrPopQL8z_3-hF7vYrjkQD4f1q7cmuUieqMzD8107H-JGOqXPOlJMxwZs_tmA-0QCzWLcmTi92eOYvWT5ndDfdYsKaY7kTac74knSa9yaYPBhGH0v5BQEJNGZChyEo1gocWZaRCPD8B1RS23C6Oh5rLe5GLjL3WZShy1mcmWaSgCBIMbkLS7IUJJubfJJpAHkucjgyFz8iZS86WfjE-3vpuGGwWaK-Sk06NrShpo5WGEMn-IQnzWj9TbuqL1OED4eSXquI0Yzu4lKvmBwweNrHfBQF-AmPtD6CjgjuecWprsHKbxmjOC6_3gnNeVqU1Lmau9fZuMlhjxO-CqwPvXZOw_vW45ATP_A99nFYKnCcbgDftqLEMADoNJTA8Stec1pxtB69zXetPlA4N4JP6tmOCCdZnq3jFKH3audxU5xl33J0531JvnQkMqnWtK17p-BRpezE6WfX_Plm6ZW9ei-bN--4qK0khDn5gwn8LZ_6lh2bPoQoknFlyXovuECOtSE8xlHrt6D1cwgbDcz8jVhwMSh7mFYJKKhb2Z8rKCnklqFHfsG6gfPUHRWVtUqHTQXcIER92Gn6alNmSVNgioJws8DhdPv6SV72e4QfAoDyvYZ_B06hPbEjgEsCPIPUcGrKjaV_wnYDruqnJbKzhPW2rmvrYqWar7qtgNUqX0_8icamBfultuF_2XS4AG0s2Kz32_FDZbE7ac_1ZR0l7ADEX1jM1u4bVG1n4XRO7YVVcVLxRVSiVB0-_g8WdfJrT_YJzHD_9B-yKCHMmoHJPsOLlhlj1JAefHiAwmSHlxKmUzjO8Hu4VxyXdSteh2Wtn_hvai8LiYgQ2hQSTzzew1JE59jJnwfd5p5lmH--cxjzT3697qSFvnzhka5xWuezq791SeXd-5MuXEzTyj4b7K_A4MrkNCcfIQrz5KRuXiLWBbHcShvM84O-USwYuxytI2MS5903n4a3Dl5M-La03F27Tv5I09Yi81xOP4bW_QdXovsNqMHGJbqioJLyJ5TG4KjUuKICZTIRSPa6ncpzUm-CsihnqulHVX1JeT5Eb0eNZxIx_S9tG9xtdacFAf53Ps7ec1i_Vz-sWhUBW1Bj_juufp5tOZ9q_Jg9YbNhZRXZ99VVrK-A18R_YXcQ3ujCP_MyvC3WOzOWLcbcDoBq0mRUMyTYXHRtMGesUuZd55GxoPKfiuvkqYOFAQ3xbxXy8jMwdXWOmpIAfnnAZQEv44r_1joJrmDWzwAmql19XlngPwofdqvcBAVfgomLpPWMDZwnmQwwQxzv28DexoNqEL3SkrR-8gq9mbTNf2WdFBmCtRjpzCtNWn5ree8qAiqv8z4OUhXTuz6easQ1isl7UZJKTJf-rAQzgEnOAWVfCjGZO1SGw_KaxFtU8qY3i1vIAQTSnibjcq0QxJYFeQHNOwjlNzcJLZTzCpPGgyxkQPQf-phh0muHsBA17dExkHxHMkNeRK8MFbp5-zIYwCjyW_p1U8K_LrJwhIYFy7fbYx8bG_3CmXi6hvLSYf_Iz8aCeDhv5KrHDBEjEOwQ796PfOPaZ8zbZwktNk2HdQ01TNXr1u0Y2JgksgSiFFslA0WMtRjJGOhls9OoWHtBcQiOhh3ZaYxYiK-drk9e1hNTF-p24beL5y6PzzTVIJzX2zKIhIJBqjTQBt9ZIFOWAhAbdYAWOWUDsjNf8Z7CehhmfKYeldPtU_4ySK-ASxmgTzbn_i6V3ozy_S-CpOLibz-3k9MIV0kigc7Wfz9vXjl7k_qR75jr9ahIvV1fkq0yxaO7OsIKiJknQCaB55Xw-mEPt0RzDfhNXqm5s6O8rgtDw25-reAsCOaBi6LX9yhOBeVy65y0ZMsPJk9jfGZNXGDLOqMaZusKSy-W_BvAyLL4kdJF429tU6jW_Udm_nx8nJeH0BIK_w3lFlggBT-gqgufbQ7ciaV62Y_ZfBdrYIjtb_Y3zJBCx0ZDAGzlpfWrEl75WoEuEbnoc8-57ueDZ7LFOjIGk4nzCzxgw80Srj5ZC1jpYpVbgyg&cid=CAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ&rfl=1%2Chttps%253A%252F%252Fthedailyblog.co.nz%252F%240
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a68d2fb183323e0cb518ea83604a099751c8451f454c1e8abc7c51f5643e3e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14904
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A3FD
42 B
173 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BA_hFZOh1vm3gxp3idZSzbeHT4ge7MrWqpisEmnoboKxWVyUe_mnB-Usg8tgE38RxBwlZi7dkJwkZhi5CFCEiABCgenDCzcFD7BQKmCJPpIfrH7bA
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame A3FD
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A3FD
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Nov 2021 19:41:13 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame A3FD
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:44 GMT
l
www.google.com/ads/measurement/ Frame A3FD
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6EI71U8ogWkc5zvvAPt7KbR0tW9ukIWp4e2NHpWWoiUV1Lc2BsR8g7WqToGX8PO5N7zwVyHBvI8uIpKpOtkyRZET7ug
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

0f17d601-81e9-4494-b434-b0f5ec9dda6e
https://thedailyblog.co.nz/ Frame A0E3
44 KB
0
Other
General
Full URL
blob:https://thedailyblog.co.nz/0f17d601-81e9-4494-b434-b0f5ec9dda6e
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b29aaed9adc4ec2ddd131f9e65173f34be17e68efb348a675cb900942f9675c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
45108
Content-Type
text/javascript
rum
dsum-sec.casalemedia.com/ Frame 53CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUlpG4Tib0GGJ5Xlj79lvlubCjzRodl5dTfZKOZoVfa1Z9qo0CwakeQlB73AzS0zTGIXDCD48Mu4alrhh5bglyCuslrbghkb5viEJes4PcJ3HhrYwtv2J3ZFH7s3avfcWzg8FnRkmhdEY9Sw0hNedCe5lXDAzGAfVc0uraKosjKSVuEn-8
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 19:41:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 30 Nov 2021 19:41:14 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 53CC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaZ.Wp1Fd22iraeQB251TAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1&google_hm=2
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUlpG4Tib0GGJ5Xlj79lvlubCjzRodl5dTfZKOZoVfa1Z9qo0CwakeQlB73AzS0zTGIXDCD48Mu4alrhh5bglyCuslrbghkb5viEJes4PcJ3HhrYwtv2J3ZFH7s3avfcWzg8FnRkmhdEY9Sw0hNedCe5lXDAzGAfVc0uraKosjKSVuEn-8
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 19:41:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 30 Nov 2021 19:41:14 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 53CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOBWYQOn-yW3TNQA3TxWPNw&google_cver=1
43 B
1008 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOBWYQOn-yW3TNQA3TxWPNw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUlpG4Tib0GGJ5Xlj79lvlubCjzRodl5dTfZKOZoVfa1Z9qo0CwakeQlB73AzS0zTGIXDCD48Mu4alrhh5bglyCuslrbghkb5viEJes4PcJ3HhrYwtv2J3ZFH7s3avfcWzg8FnRkmhdEY9Sw0hNedCe5lXDAzGAfVc0uraKosjKSVuEn-8
Protocol
HTTP/1.1
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 19:41:14 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
14405579-d493-4c6d-85d8-1a7d8ba4c87f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOBWYQOn-yW3TNQA3TxWPNw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 53CC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk1MTg5MzY4MDk2MzIxMjg0MQ%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk1MTg5MzY4MDk2MzIxMjg0MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUlpG4Tib0GGJ5Xlj79lvlubCjzRodl5dTfZKOZoVfa1Z9qo0CwakeQlB73AzS0zTGIXDCD48Mu4alrhh5bglyCuslrbghkb5viEJes4PcJ3HhrYwtv2J3ZFH7s3avfcWzg8FnRkmhdEY9Sw0hNedCe5lXDAzGAfVc0uraKosjKSVuEn-8
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 19:41:14 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a4be6485-a90d-4d53-af1f-eeaeea9db163
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk1MTg5MzY4MDk2MzIxMjg0MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame A3FD
24 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz1I9XFI222RypnbgRUyagSY4nQmc45xrP1cqrmfwUOBbSyvILdVpZ5WZjwN3YVopiEwXgiO9YcfFXXxBMadwyBjmvlhnvnU2lBrC-H3OHUt72NTIHywiCi4FV1wAA_MQiG6RDc--uaq6ujODbNJ71Kay7Aw&cry=1&dbm_d=AKAmf-CjPKMcnphgB9tYnClSYd_3PjlWYKiitP0-33h_jnEGTSYmKfyPFZNHnQh9i2f7OrFKhBzQCgeKAXFDADRCsUWYsqaixAnAIMq1ZfMt1jr8rBaRhyMZPvqY7DEI5hXGIsRn6bmhv06GjRW3Hw74GDIsgxWATZAjU-uG-6wfdXWBLiYPjtlJC9KDO67LMBnW-O2Y4WKGc-XnO00gVLEBsGhETV5RgaC-ywyDB4xAk3u7UJdXtjnyDWwJBcbnAiOjsLE-0Dn6-eogrA5qozGOp9nldSbyCuv0b5U4ztOiVm7dogyIhH0QQZytZp4jiQUQqFXKCfbKeHomyZbNpuZ-xhkRcIruHHAMolH5nEzmzLQY0EjjxiXBwWfw_wSm6VjXtjsH9iRFD1MINEHFdU5Q1LZdCsBf9f92SAOQtVlRfsM7AQht8MRiiOoDldAOJQL1JmwvCASOqbrx7Z8-eIqeuNzbtFnxOd9BJT80JabL8sB6Wxn85MGmHpLFO_aG8pCJhDOnh5uQ3o5nLQqqZn-Y7zI5ObrLC64cX0Lx5yMVJNuede5kylBjKxbzj_DqjHfSR6dC0yLCmeOW_UyqdBnvIF16x1u-E7CqAJbobxLofvINN56kaYeb-JZwp1lCrN9or0hfA09i4quu8vs1hwonJsuzpzZj5NsbOIgdYgMZi_9vZwebDMxCumkYuCMehJd3niT9stkMyQ0TZ1FkaPSti3Q-AV_2EyC-C4gaxcLUqi5hBqpnXTSg31LqSeKfyTpDj0J-TbyO7r6UqbsiY29WnlHk7wddetA6rgg8DJAE1l_1SuA-j4thBCaC0dfw6z7wvVl1qMPICRDAhL6_P0CPbG8rz0afWlbMi9b0QT3TFcB13y5lCAO76PCzqwgq7NfetRE48l5p8SplXqn1FQRSXvoM_Jc7rrf13DrukDw6q0kvLDKRprdVJF9pjWUFsxx0mLFYn_VS45vu2ghf65fVbieGZJ9YeSG04lQKHytgVRdSwYI-ug-aH6VE1n1fDnAEj1dSgL0Iw-hjNoG4nkoldbJ3tY5VflLQwD1-npqzmHPQk3nh5kRS7t1wZqvU2xVCkj2EC4ftkLS4AgxdNfDXVUB58z781HhaC9Xq27yYeuVGdW8OZI7Z0e_CThY0MguaY6kCPYMgfOnWK3qKaOrAod_881zMC_G61Cg6sUifIow0dVEAEMfZWzl_3obJfJEyORUNvoE3WRjsFi9c8zsErIwMZZfxMcy82wx0w5UV2Mw58VrPopQL8z_3-hF7vYrjkQD4f1q7cmuUieqMzD8107H-JGOqXPOlJMxwZs_tmA-0QCzWLcmTi92eOYvWT5ndDfdYsKaY7kTac74knSa9yaYPBhGH0v5BQEJNGZChyEo1gocWZaRCPD8B1RS23C6Oh5rLe5GLjL3WZShy1mcmWaSgCBIMbkLS7IUJJubfJJpAHkucjgyFz8iZS86WfjE-3vpuGGwWaK-Sk06NrShpo5WGEMn-IQnzWj9TbuqL1OED4eSXquI0Yzu4lKvmBwweNrHfBQF-AmPtD6CjgjuecWprsHKbxmjOC6_3gnNeVqU1Lmau9fZuMlhjxO-CqwPvXZOw_vW45ATP_A99nFYKnCcbgDftqLEMADoNJTA8Stec1pxtB69zXetPlA4N4JP6tmOCCdZnq3jFKH3audxU5xl33J0531JvnQkMqnWtK17p-BRpezE6WfX_Plm6ZW9ei-bN--4qK0khDn5gwn8LZ_6lh2bPoQoknFlyXovuECOtSE8xlHrt6D1cwgbDcz8jVhwMSh7mFYJKKhb2Z8rKCnklqFHfsG6gfPUHRWVtUqHTQXcIER92Gn6alNmSVNgioJws8DhdPv6SV72e4QfAoDyvYZ_B06hPbEjgEsCPIPUcGrKjaV_wnYDruqnJbKzhPW2rmvrYqWar7qtgNUqX0_8icamBfultuF_2XS4AG0s2Kz32_FDZbE7ac_1ZR0l7ADEX1jM1u4bVG1n4XRO7YVVcVLxRVSiVB0-_g8WdfJrT_YJzHD_9B-yKCHMmoHJPsOLlhlj1JAefHiAwmSHlxKmUzjO8Hu4VxyXdSteh2Wtn_hvai8LiYgQ2hQSTzzew1JE59jJnwfd5p5lmH--cxjzT3697qSFvnzhka5xWuezq791SeXd-5MuXEzTyj4b7K_A4MrkNCcfIQrz5KRuXiLWBbHcShvM84O-USwYuxytI2MS5903n4a3Dl5M-La03F27Tv5I09Yi81xOP4bW_QdXovsNqMHGJbqioJLyJ5TG4KjUuKICZTIRSPa6ncpzUm-CsihnqulHVX1JeT5Eb0eNZxIx_S9tG9xtdacFAf53Ps7ec1i_Vz-sWhUBW1Bj_juufp5tOZ9q_Jg9YbNhZRXZ99VVrK-A18R_YXcQ3ujCP_MyvC3WOzOWLcbcDoBq0mRUMyTYXHRtMGesUuZd55GxoPKfiuvkqYOFAQ3xbxXy8jMwdXWOmpIAfnnAZQEv44r_1joJrmDWzwAmql19XlngPwofdqvcBAVfgomLpPWMDZwnmQwwQxzv28DexoNqEL3SkrR-8gq9mbTNf2WdFBmCtRjpzCtNWn5ree8qAiqv8z4OUhXTuz6easQ1isl7UZJKTJf-rAQzgEnOAWVfCjGZO1SGw_KaxFtU8qY3i1vIAQTSnibjcq0QxJYFeQHNOwjlNzcJLZTzCpPGgyxkQPQf-phh0muHsBA17dExkHxHMkNeRK8MFbp5-zIYwCjyW_p1U8K_LrJwhIYFy7fbYx8bG_3CmXi6hvLSYf_Iz8aCeDhv5KrHDBEjEOwQ796PfOPaZ8zbZwktNk2HdQ01TNXr1u0Y2JgksgSiFFslA0WMtRjJGOhls9OoWHtBcQiOhh3ZaYxYiK-drk9e1hNTF-p24beL5y6PzzTVIJzX2zKIhIJBqjTQBt9ZIFOWAhAbdYAWOWUDsjNf8Z7CehhmfKYeldPtU_4ySK-ASxmgTzbn_i6V3ozy_S-CpOLibz-3k9MIV0kigc7Wfz9vXjl7k_qR75jr9ahIvV1fkq0yxaO7OsIKiJknQCaB55Xw-mEPt0RzDfhNXqm5s6O8rgtDw25-reAsCOaBi6LX9yhOBeVy65y0ZMsPJk9jfGZNXGDLOqMaZusKSy-W_BvAyLL4kdJF429tU6jW_Udm_nx8nJeH0BIK_w3lFlggBT-gqgufbQ7ciaV62Y_ZfBdrYIjtb_Y3zJBCx0ZDAGzlpfWrEl75WoEuEbnoc8-57ueDZ7LFOjIGk4nzCzxgw80Srj5ZC1jpYpVbgyg&cid=CAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ&rfl=1%2Chttps%253A%252F%252Fthedailyblog.co.nz%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
453
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9475
x-xss-protection
0
server
cafe
etag
15988442915344899701
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:33:41 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A3FD
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz1I9XFI222RypnbgRUyagSY4nQmc45xrP1cqrmfwUOBbSyvILdVpZ5WZjwN3YVopiEwXgiO9YcfFXXxBMadwyBjmvlhnvnU2lBrC-H3OHUt72NTIHywiCi4FV1wAA_MQiG6RDc--uaq6ujODbNJ71Kay7Aw&cry=1&dbm_d=AKAmf-CjPKMcnphgB9tYnClSYd_3PjlWYKiitP0-33h_jnEGTSYmKfyPFZNHnQh9i2f7OrFKhBzQCgeKAXFDADRCsUWYsqaixAnAIMq1ZfMt1jr8rBaRhyMZPvqY7DEI5hXGIsRn6bmhv06GjRW3Hw74GDIsgxWATZAjU-uG-6wfdXWBLiYPjtlJC9KDO67LMBnW-O2Y4WKGc-XnO00gVLEBsGhETV5RgaC-ywyDB4xAk3u7UJdXtjnyDWwJBcbnAiOjsLE-0Dn6-eogrA5qozGOp9nldSbyCuv0b5U4ztOiVm7dogyIhH0QQZytZp4jiQUQqFXKCfbKeHomyZbNpuZ-xhkRcIruHHAMolH5nEzmzLQY0EjjxiXBwWfw_wSm6VjXtjsH9iRFD1MINEHFdU5Q1LZdCsBf9f92SAOQtVlRfsM7AQht8MRiiOoDldAOJQL1JmwvCASOqbrx7Z8-eIqeuNzbtFnxOd9BJT80JabL8sB6Wxn85MGmHpLFO_aG8pCJhDOnh5uQ3o5nLQqqZn-Y7zI5ObrLC64cX0Lx5yMVJNuede5kylBjKxbzj_DqjHfSR6dC0yLCmeOW_UyqdBnvIF16x1u-E7CqAJbobxLofvINN56kaYeb-JZwp1lCrN9or0hfA09i4quu8vs1hwonJsuzpzZj5NsbOIgdYgMZi_9vZwebDMxCumkYuCMehJd3niT9stkMyQ0TZ1FkaPSti3Q-AV_2EyC-C4gaxcLUqi5hBqpnXTSg31LqSeKfyTpDj0J-TbyO7r6UqbsiY29WnlHk7wddetA6rgg8DJAE1l_1SuA-j4thBCaC0dfw6z7wvVl1qMPICRDAhL6_P0CPbG8rz0afWlbMi9b0QT3TFcB13y5lCAO76PCzqwgq7NfetRE48l5p8SplXqn1FQRSXvoM_Jc7rrf13DrukDw6q0kvLDKRprdVJF9pjWUFsxx0mLFYn_VS45vu2ghf65fVbieGZJ9YeSG04lQKHytgVRdSwYI-ug-aH6VE1n1fDnAEj1dSgL0Iw-hjNoG4nkoldbJ3tY5VflLQwD1-npqzmHPQk3nh5kRS7t1wZqvU2xVCkj2EC4ftkLS4AgxdNfDXVUB58z781HhaC9Xq27yYeuVGdW8OZI7Z0e_CThY0MguaY6kCPYMgfOnWK3qKaOrAod_881zMC_G61Cg6sUifIow0dVEAEMfZWzl_3obJfJEyORUNvoE3WRjsFi9c8zsErIwMZZfxMcy82wx0w5UV2Mw58VrPopQL8z_3-hF7vYrjkQD4f1q7cmuUieqMzD8107H-JGOqXPOlJMxwZs_tmA-0QCzWLcmTi92eOYvWT5ndDfdYsKaY7kTac74knSa9yaYPBhGH0v5BQEJNGZChyEo1gocWZaRCPD8B1RS23C6Oh5rLe5GLjL3WZShy1mcmWaSgCBIMbkLS7IUJJubfJJpAHkucjgyFz8iZS86WfjE-3vpuGGwWaK-Sk06NrShpo5WGEMn-IQnzWj9TbuqL1OED4eSXquI0Yzu4lKvmBwweNrHfBQF-AmPtD6CjgjuecWprsHKbxmjOC6_3gnNeVqU1Lmau9fZuMlhjxO-CqwPvXZOw_vW45ATP_A99nFYKnCcbgDftqLEMADoNJTA8Stec1pxtB69zXetPlA4N4JP6tmOCCdZnq3jFKH3audxU5xl33J0531JvnQkMqnWtK17p-BRpezE6WfX_Plm6ZW9ei-bN--4qK0khDn5gwn8LZ_6lh2bPoQoknFlyXovuECOtSE8xlHrt6D1cwgbDcz8jVhwMSh7mFYJKKhb2Z8rKCnklqFHfsG6gfPUHRWVtUqHTQXcIER92Gn6alNmSVNgioJws8DhdPv6SV72e4QfAoDyvYZ_B06hPbEjgEsCPIPUcGrKjaV_wnYDruqnJbKzhPW2rmvrYqWar7qtgNUqX0_8icamBfultuF_2XS4AG0s2Kz32_FDZbE7ac_1ZR0l7ADEX1jM1u4bVG1n4XRO7YVVcVLxRVSiVB0-_g8WdfJrT_YJzHD_9B-yKCHMmoHJPsOLlhlj1JAefHiAwmSHlxKmUzjO8Hu4VxyXdSteh2Wtn_hvai8LiYgQ2hQSTzzew1JE59jJnwfd5p5lmH--cxjzT3697qSFvnzhka5xWuezq791SeXd-5MuXEzTyj4b7K_A4MrkNCcfIQrz5KRuXiLWBbHcShvM84O-USwYuxytI2MS5903n4a3Dl5M-La03F27Tv5I09Yi81xOP4bW_QdXovsNqMHGJbqioJLyJ5TG4KjUuKICZTIRSPa6ncpzUm-CsihnqulHVX1JeT5Eb0eNZxIx_S9tG9xtdacFAf53Ps7ec1i_Vz-sWhUBW1Bj_juufp5tOZ9q_Jg9YbNhZRXZ99VVrK-A18R_YXcQ3ujCP_MyvC3WOzOWLcbcDoBq0mRUMyTYXHRtMGesUuZd55GxoPKfiuvkqYOFAQ3xbxXy8jMwdXWOmpIAfnnAZQEv44r_1joJrmDWzwAmql19XlngPwofdqvcBAVfgomLpPWMDZwnmQwwQxzv28DexoNqEL3SkrR-8gq9mbTNf2WdFBmCtRjpzCtNWn5ree8qAiqv8z4OUhXTuz6easQ1isl7UZJKTJf-rAQzgEnOAWVfCjGZO1SGw_KaxFtU8qY3i1vIAQTSnibjcq0QxJYFeQHNOwjlNzcJLZTzCpPGgyxkQPQf-phh0muHsBA17dExkHxHMkNeRK8MFbp5-zIYwCjyW_p1U8K_LrJwhIYFy7fbYx8bG_3CmXi6hvLSYf_Iz8aCeDhv5KrHDBEjEOwQ796PfOPaZ8zbZwktNk2HdQ01TNXr1u0Y2JgksgSiFFslA0WMtRjJGOhls9OoWHtBcQiOhh3ZaYxYiK-drk9e1hNTF-p24beL5y6PzzTVIJzX2zKIhIJBqjTQBt9ZIFOWAhAbdYAWOWUDsjNf8Z7CehhmfKYeldPtU_4ySK-ASxmgTzbn_i6V3ozy_S-CpOLibz-3k9MIV0kigc7Wfz9vXjl7k_qR75jr9ahIvV1fkq0yxaO7OsIKiJknQCaB55Xw-mEPt0RzDfhNXqm5s6O8rgtDw25-reAsCOaBi6LX9yhOBeVy65y0ZMsPJk9jfGZNXGDLOqMaZusKSy-W_BvAyLL4kdJF429tU6jW_Udm_nx8nJeH0BIK_w3lFlggBT-gqgufbQ7ciaV62Y_ZfBdrYIjtb_Y3zJBCx0ZDAGzlpfWrEl75WoEuEbnoc8-57ueDZ7LFOjIGk4nzCzxgw80Srj5ZC1jpYpVbgyg&cid=CAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ&rfl=1%2Chttps%253A%252F%252Fthedailyblog.co.nz%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 08:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41357
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 30 Nov 2022 08:11:57 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8991
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Tue, 30 Nov 2021 16:54:31 GMT
expires
Wed, 30 Nov 2022 16:54:31 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10003
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
npoee1nv94vs
hal9000.redintelligence.net/zone/ Frame A3FD
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
beb5c0640cf41c5bdd5d61aa7abc2d847a9fa97d6df69c1e6eed3631e8ef8255

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 19:41:14 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3941
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
request.php
hal90002.redintelligence.net/ Frame A3FD
Redirect Chain
  • https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB
Script
General
Full URL
https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D&documentReferer=https%3A%2F%2Fthedailyblog.co.nz%2F&ancestorOrigins=https%3A%2F%2Fthedailyblog.co.nz&random=5616217258290&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
8a4976aaa552e4588ae56d635078948327444020525c1a4a73a4eb24a5f49622

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 19:41:14 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
43926000204209700710616011794002
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1306
Expires
Tue, 30 Nov 2021 19:41:14 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 19:41:14 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D&documentReferer=https%3A%2F%2Fthedailyblog.co.nz%2F&ancestorOrigins=https%3A%2F%2Fthedailyblog.co.nz&random=5616217258290&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Tue, 30 Nov 2021 19:41:14 +0100
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame 8991
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 18:29:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
90675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 18:29:59 GMT
view.aspx
pb.media01.eu/ Frame 73BD
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=43926000204209700710616011794002&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43926000204209700710616011794002&actionid=731824&produktid=businessgiro&dt_url=
0
629 B
Document
General
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43926000204209700710616011794002&actionid=731824&produktid=businessgiro&dt_url=
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D&documentReferer=https%3A%2F%2Fthedailyblog.co.nz%2F&ancestorOrigins=https%3A%2F%2Fthedailyblog.co.nz&random=5616217258290&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Schwaig, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 30 Nov 2021 08:41:14 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Tue, 30 Nov 2021 19:41:13 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Tue, 30 Nov 2021 19:41:14 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Keep-Alive
timeout=20
X-Powered-By
PHP/7.2.21
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials
true
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43926000204209700710616011794002&actionid=731824&produktid=businessgiro&dt_url=
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID
B9D59BA5:B416_91EFC182:01BB_61A67E5A_FBA2359:2A262
X-IPLB-Instance
40028
Cache-control
private
/
adv.office-partner.de/ Frame 48D0
930 B
1 KB
Document
General
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D&documentReferer=https%3A%2F%2Fthedailyblog.co.nz%2F&ancestorOrigins=https%3A%2F%2Fthedailyblog.co.nz&random=5616217258290&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

server
keycdn-engine
date
Tue, 30 Nov 2021 19:41:14 GMT
content-type
text/html
content-length
930
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16ba8ac4"
expires
Tue, 07 Dec 2021 19:41:14 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
accept-ranges
bytes
link.html
track.webgains.com/ Frame A3FD
1 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=43926000204209700710616011794002&nw=1
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
0fc1c182ca4b639cf2e6b8a1172c6e00f7c597e5d24ff191268f8f542104dfc6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 19:41:14 GMT
Last-Modified
Tue, 30 Nov 2021 19:41:14 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1233
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395
8019191.fls.doubleclick.net/ Frame 6BFA
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395?
392 B
346 B
Document
General
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395?
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
5715ccce357c101474624bcb4f6950296f7db5d10d650939b01dfc4e6e759e9b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 30 Nov 2021 19:41:14 GMT
expires
Tue, 30 Nov 2021 19:41:14 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
323
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 30 Nov 2021 19:41:14 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal90002.redintelligence.net/ Frame 182D
7 KB
2 KB
Document
General
Full URL
https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D&documentReferer=https%3A%2F%2Fthedailyblog.co.nz%2F&ancestorOrigins=https%3A%2F%2Fthedailyblog.co.nz&random=5616217258290&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
f8fcaf54764f74d91dcdad1570ed73d9746d389f6bd46767bc1ce6d2a575bd42

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

Date
Tue, 30 Nov 2021 19:41:14 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 30 Nov 2021 19:41:14 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2047
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame A3FD
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=43926000204209700710616011794002
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B
Image
General
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 19:45:43 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Tue, 30 Nov 2021 19:41:14 GMT
Server
nginx/1.19.7
X-IPLB-Request-ID
B9D59BA5:B414_91EFC182:01BB_61A67E5A_FB60DD4:627B
X-Powered-By
PHP/7.2.34
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type
text/html; charset=UTF-8
Location
https://ad-server.eu/wm/pb/native.png
Cache-control
private
Transfer-Encoding
chunked
Keep-Alive
timeout=20
cshow.php
www.awin1.com/ Frame A3FD
43 B
704 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2601051&v=18332&q=376776&r=296283&pref1=43926000204209700710616011794002&pv=1
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 19:41:14 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A3FD
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=8299265
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A3FD
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=7468637
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame A3FD
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
631b3dae83647389ba77b86999a8aeaf4e86637c6e3ca966c3c7914beb9317ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8991
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bx1WNWX6mYdSlO8CM7_UP-LWCmAsAAAAAOAHgBAI&bg=!b2ylbCjNAAZQLpa_UC47ACkAdvg8Woi-BmgmIOoiqccZBnBtgnKHnNb_ECsOZl0_FpJbP0Ux_35xcwIAAABDUgAAAApoAQcKAKYhiCba6X4KIvkMy7Q7jN9KVnOOsLSRpBtiruc3T_BVMk8XHhy7R4lB4RkILgJewjWXTpDiPZtKj7GcBtD-2xvrFC9nA0jtFFSHZzXx2G5AeFbhvtudkPXWfcFwhAWnQ6yYYbwUsV8UZcN4nLy89_do70zzJo7smACtJ9neLbY__KwlH0XolmzfN_co0EivwM614aNtOoH8plZKZUFOTpYpLfyOo4pPmQLTPX09rTmxzIq67GQWgfnpsrK3SWMFp-TuFEO5MT6dSv-tIUiUY8esdsCQa7qt-hS_x_syuvrUzv5F2iqi99XNB6tPlGzCKyJOpT8rAgAVg-I4KBM8QiQxzrW3wdj4kbJcSnBFRp7WDWYNEc9HNjeRHZ-JnCYl61UMTsKNzj-9MptjaReaU0B_Z_v8Dx3-eVnGEOru-QV_Lsh1mrui8fLSyFwCUfd67Z43O9JiPSpBXT5f9nwkwSUPyZArX79y7nJFyQiTiPjPp-9CD3FIqogGpv3vsUbaSqDGE9b-OPBQyEe9sorkxolmAKMjgTvX1LuYxGHM4SQmMwfZ5ihwYhkFCghP7Kjw5Wx_sNrClqaXFLGAuxyVeaUEU85FS0twcIMgXI_dmDICWu27i-RptrWosagCZu6aY754YlG95cAkmbUnB04a3BXKJHUgejnHmRCoWHM5u_6jsgQRNchePnBBgFWAtAOkqK3B_RNCt18gLc3B-SD5KeyAeKezaE0ngGEqjj97-fM9cpL8PIc0QeJkBlAsR0vPbnbEV_0YTxtA4uHUs3WWIrHBmvhVm9KkDNUwBLiK30DRZ0i33DDCHnETcQlQzg2F2A02_v4dQMLopHshhE55COJl9-dlgmTRdP7k49YFIYEc-ENijgJ15mRYgDHruwwpEBJsywRFmJnHIsDkNBLnXtPFxJNfUXjV0Bmu0scyjTlsG1RINTK_SkznOzRIxkMdPJ0Y2PpBEqLYMaGDB8Ubj3zS5GT5FLlZ1xe9ucj3GkZK0jYTwstBb9V4MBteATfe3UEG6hs9_gPuvbGY3Sok_lX4HwNMVJ4SGIhu_VSWdYiib5haTKPpvNQzXtWHyTuFE4FDkW_a57DTkFQQQUZjTFJ2reBS7tRbcvN233MN2D88s7V2MF-HYHxphvUAjHfBv223SvFK1ZYTyAZPRGnhnL9_DnBd9iX4So595OqI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 27AE
6 KB
3 KB
Document
General
Full URL
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 30 Nov 2021 19:41:12 GMT
expires
Wed, 30 Nov 2022 19:41:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 182D
4 KB
649 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 18:05:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 30 Nov 2021 19:41:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Nov 2021 19:41:14 GMT
/
hal9000.redintelligence.net/scale/ Frame 182D
16 KB
16 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
081a76be5cfc9a0b3d862570c8c3dccca4142348d07ee36b239027fef5d20eef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 19:41:14 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16464
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 182D
16 KB
16 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
367066087d5c480312745a1f35b64c2391cb7bb76f1a0da3db9ff669a21b4813

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 19:41:14 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16531
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 182D
15 KB
15 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52343/creativesup/1200x627_2.jpg
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c2fcc178cc00a442c558b4b319cc2a7c3b7a0c0237458d99f4fa91cc1b1e850f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 19:41:14 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15250
Vary
Accept-Encoding
Content-Type
image/png
548bdb63b969e5c27f75e62faf543d70.js
www.gstatic.com/mysidia/ Frame 27AE
7 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/548bdb63b969e5c27f75e62faf543d70.js?tag=client_fast_engine_2019
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 21:03:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
599893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3286
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 21 Feb 2022 21:03:01 GMT
e896defd9da58cd70544d59688f4a346.js
www.gstatic.com/mysidia/ Frame 27AE
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/e896defd9da58cd70544d59688f4a346.js?tag=pingback
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67e6599b9fd28869eb047c72fd7486c191b54a661ec61accdf9b2de87f246ce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 21:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512152
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4792
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 22 Feb 2022 21:25:22 GMT
css
fonts.googleapis.com/ Frame 27AE
2 KB
532 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 17:53:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 30 Nov 2021 19:41:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Nov 2021 19:41:14 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 27AE
1 KB
890 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:12 GMT
b85b9965a6c1d8af98ff0fb9e6466ad8.js
www.gstatic.com/mysidia/ Frame 27AE
6 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/b85b9965a6c1d8af98ff0fb9e6466ad8.js?tag=analytics_pingback_2019
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64e62b6ed84c308d8011efc4a92b313480ca230a7c2df6e3992aec36d300de37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:02:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2518
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Feb 2022 17:02:58 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 27AE
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:39:58 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 27AE
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 27AE
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Nov 2021 19:41:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 27AE
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:44 GMT
l
www.google.com/ads/measurement/ Frame 27AE
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMJC-3C3SM09Jx57OGnaDY-hp3J22wk6slSJ4nFEl-NlkWVokddkZSF_3VjhqzeVWQeQVRJA5B44c7uLzxSGC-Fkld1w
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame 27AE
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Feb 2022 16:53:57 GMT
viewability
hal90002.redintelligence.net/ Frame 182D
0
150 B
Script
General
Full URL
https://hal90002.redintelligence.net/viewability?s=43926000204209700710616011794002&a=eb2457ed&vb=m
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 19:41:14 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 182D
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90002.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 21:39:33 GMT
x-content-type-options
nosniff
age
79301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 29 Nov 2022 21:39:33 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 182D
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90002.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 14:56:27 GMT
x-content-type-options
nosniff
age
535487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 14:56:27 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 27AE
36 KB
37 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRd13SC1clhMLOj4YxmrM8oBL0hCiRom02wDiTp_0BQVTosTvSpCucWCPL8fg&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9c03055751bda88bf3b63a684f4ac960d54dfe1ec6d2bf80932e579ab0051c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 10:24:44 GMT
x-content-type-options
nosniff
age
206190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37159
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 02:37:28 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 28 Nov 2022 10:24:44 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 27AE
30 KB
31 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTd9Q6p4ZhSzXw4sztVjxEBPELSGXJBGSgs-4nfFuh-JiBw3xRjRgaLiuIpqYI&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cd7a95730591cfef472bb448ede01d404fb9342555cbc6246bebff399477622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 18:08:49 GMT
x-content-type-options
nosniff
age
264745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31137
x-xss-protection
0
last-modified
Sat, 28 Aug 2021 13:24:46 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 27 Nov 2022 18:08:49 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 27AE
34 KB
34 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQEp6AXW5C2GAVO21Jej8CGlyGWUq5OithbBOtfZaL63SUsFw&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf199d1c59dbe0ebb318374f67f7e5c1c55b0f82e179b1978774c3583d35b4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 15:04:30 GMT
x-content-type-options
nosniff
age
448604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35114
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 10:05:09 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 25 Nov 2022 15:04:30 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 27AE
23 KB
24 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTboPqCfNfjk9GFD8Ej7J-69eK3yb5MU5HpMzJCRyzs18jvu801_QbPgpdmBd4&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fd819fb7acd22b23e4fb5b8029ff301a74c7d9803aa8a1f5c5c50bb1aac7eab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 04:41:16 GMT
x-content-type-options
nosniff
age
572398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23741
x-xss-protection
0
last-modified
Sun, 13 Jun 2021 11:14:48 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 24 Nov 2022 04:41:16 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 27AE
28 KB
28 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRZNjk66jSeq1z379lMrn4LsQ-47BIhchl5O8pEDk34u_fCx5u_gBeJPh8xRA&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8ddfc546b9bc7954137e92e16a27d0d980607b37194229312b2f89496dfccc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 13:56:06 GMT
x-content-type-options
nosniff
age
539108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28455
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 08:34:22 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 24 Nov 2022 13:56:06 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 27AE
20 KB
20 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSqifwUnYJ8iWnfVqFyamd_hSNkvB4NUlDaLimd-aaKeaWAcPYIJu6-fRDWVig&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8607e1dba8e292c8dcd8bbb94e341f726b410cf61fa1bccf5dc3637b79b1b02e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 20:09:13 GMT
x-content-type-options
nosniff
age
430321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
x-xss-protection
0
last-modified
Fri, 20 Nov 2020 23:37:34 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 25 Nov 2022 20:09:13 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 27AE
21 KB
21 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS5av6GPv5JuCOK_krvk21ZXtjWqd1C9lJPaoR-xXqZvjAiSdCZAEk4QJ4qqxw&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f31ca53bcf23097920090516e35a88f95d38c2bf3170e0e209e6383df25031f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 15:59:40 GMT
x-content-type-options
nosniff
age
13294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21694
x-xss-protection
0
last-modified
Sat, 26 Dec 2020 07:30:55 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 30 Nov 2022 15:59:40 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 27AE
25 KB
25 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRqbeC0nADzhNXLhwi4M0ZgZ_9-SVnsalYq9l9nKRnEISwH6hzKrqC2WlCl5sU&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1095cbc869aa37c70e64e526342033b0260704548ef331cf1cf218f427a144bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:44:25 GMT
x-content-type-options
nosniff
age
21409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25733
x-xss-protection
0
last-modified
Fri, 27 Nov 2020 08:40:35 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 30 Nov 2022 13:44:25 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 27AE
9 KB
9 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRtRC4Dlp5T4P_vZELKblL49j1Uo4XLl2Oj16PJeZjRuag2vnTR&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81ab60093a572306ea4faeb5763d2640593e2f9960ed82b0a231cc75db9953bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 09:55:02 GMT
x-content-type-options
nosniff
age
553572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8961
x-xss-protection
0
last-modified
Fri, 10 Jul 2020 08:37:31 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 24 Nov 2022 09:55:02 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 27AE
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEGmHWX6mYaiaMLTX7_UPtMOKmAHo0-7oZoH8lfWdDtrK3cXZKRABIKLf0SBgleKQgqAHoAHrzcH7AcgBCeACAKgDAcgDmwSqBKkCT9ABfXST8k7I6YGtM0f6pQwUcmj2ZxZaOAoue4udHlXicQPscEuwRFMQ08DTj_N628YUy8iKzuK4OlbDwL79gFVwo9dO9Ii5CW3yri8-uEA1U_sxcplxVsSp7beDk5CCeQqo66zEQsCN6zItlHw27oAFXAiu7bKEQO4p7HWSS2awRQrcW4r8CoANdRZj0r-PNdK0Tko7P-Fc2NgNYmhpibEmCjS8hT0E4WrNxc6JbyPw5Hfx7uPF-T2ls2Ec_cEqk-W5zqm27irUiH4_MyZx-56YTLJjDoqqJgXZqs1dLlr-4AP4jGTgvNVJFb-zz3vjwqEa0ujdlUTKNlNXVXRFP4oArBgcd5THHuOA_B0katuUizB8HLuUUu5fyI-l8MVidVoOZZsBdAHDwASr9OTu5gPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHze2u5wKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQ8-ID0ggJCIjhgBAQARgdgAoByAsB2BMO0BUBgBcBshceChwIABIUcHViLTYyNTExNTU2MDcyNzUzNDQY8vQU&sigh=WZjV-klwePo&uach_m=[UACH]&template_id=494
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

gtm.js
www.googletagmanager.com/ Frame 48D0
81 KB
31 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d53996bb9cbdd1c2856522faccc16250a296942fecc92f8dde81109c7547aa7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32169
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Nov 2021 19:41:14 GMT
truncated
/ Frame 27AE
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3711272b4e0b88a53fd70a9833516e0df726443df4d5303e85d31de28d6a1fae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
pvClk.min.js
analytics.webgains.io/ Frame A3FD
51 KB
51 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=43926000204209700710616011794002&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
52109
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 30 Nov 2021 05:12:46 GMT
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
gtd6exl6-GLl0tYZs5hjH4N2cU5otR9KyXPZ0srqxa2dAZc23Od5OQ==
link.html
track.webgains.com/ Frame A3FD
3 KB
3 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=20132000203074000710616011794022&wglinkid=2513145
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 19:41:14 GMT
Last-Modified
Tue, 30 Nov 2021 19:41:14 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2808
Expires
Mon, 26 Jul 1997 05:00:00 GMT
dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395
adservice.google.com/ddm/fls/z/ Frame 6BFA
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 27AE
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyChEIASoNdG93ZXIyLXNxdWFyZQoKCAIqBnNlcnZlcgotCAQqKW15c2lkaWFfYW5hbHl0aWNzX2V4cDMscmRhX3B1Yl9jbG9zZV90ZXh0Cg0QKyEAAAAAAAA4QDAECg0QAyEAAAAwM5NfQDAECg0QCiEAAAAAzcz8PzAECg0QDSEAAAAAAAAAADAECg0QHioHMzAweDYwMDAECg0QGSoHMzAweDYwMDAECg0QDiEAAAAAAAAAADAECg0QBCEAAABmZhZgQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAAA8QDAECg0QBSEAAACYmRlgQDAECg0QECEAAAAAAKCqQDAECg0QESEAAAAAgAPNQDAECg0QEiEAAAAAAAAUQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAAAyM6NiQDAEEhpDT2lxMXV2cndQUUNGYlRydXdnZHRLRUNFdyISZ3BhL21heGltYWxfdjFfb2NoKAw=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e896defd9da58cd70544d59688f4a346.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B6F2
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3uPTOkKODuOcW7YwkLzMbhJg4cjG6Ak-W337jbRDEBtYx6UhkZYYtIQDmh7LUqyAHVtF3PaZ5hszDIwqAIfFedFdO5et3j9SO59IEcX5lNXqE3xjI&sig=Cg0ArKJSzApxVeUpg2_TEAE&id=lidar2&mcvt=1000&p=56,606,146,1334&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3305512707&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638301273560&rpt=156&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 27AE
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 09:49:59 GMT
x-content-type-options
nosniff
age
553875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 09:49:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47869a51a42b38b3af59eabcb26553fea0373fa1e0a6155e2a1ed11d2ecfbd7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 19:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9232
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 30 Nov 2021 19:41:14 GMT
container.html
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B756
6 KB
3 KB
Document
General
Full URL
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 30 Nov 2021 19:41:12 GMT
expires
Wed, 30 Nov 2022 19:41:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A1F2
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 30 Nov 2021 19:17:14 GMT
expires
Wed, 30 Nov 2022 19:17:14 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1440
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame DC6B
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9be859d5d10da790bbc506d3987dceb1dbd9b7f9210d9fa0abec298e58893275
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PbVGc/1jK+elk9LrkADh7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 30 Nov 2021 19:41:14 GMT
date
Tue, 30 Nov 2021 19:41:14 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-PbVGc/1jK+elk9LrkADh7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame B756
2 KB
532 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 17:45:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 30 Nov 2021 19:41:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Nov 2021 19:41:14 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B756
1 KB
890 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:12 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B756
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C83oKWn6mYbHIEZmf7_UPuYyluAvBjK3qZtz5l-yBDtrK3cXZKRABIKLf0SBgleKQgqAHoAHrzcH7AcgBCeACAKgDAcgDmwSqBJ0CT9BY-6zGBYS_awFUgbsiJ1MlmDRmL9JEQtMz_RKDhXApqyefeKKKkWZuXT3ivnBBAjG5ZgjrygDB_AIjPHtUQKfS-C6ojmEhuvb0PY2UqM08SL6IU_I_rUnfcIocUFPx-qfry_32PELGoqj9Wn2WePQKppAQWLrwLc7KdXmnEXwuw0vLiPGZM1Sw09u44VknzYCi_2yaI8j5a1FEEoju8ujEgpwV0Q1tb0rempZTlFj65ohv5ttPfp8GWyLeCwx1TPGD8i-JZ_k0YiNjmDBYP7nmbWc26lmhpcb6z-1nP0bhvDAHQn0Q8tC8A4vDErDF6mLf7C-X3W8ms__ZLBm4jiPsuQP6PP3ZPS46tQ0KTkUfwe-0Ual9ad0AmkxXwATB78f61QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHze2u5wKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQ1bwE0ggJCIjhgBAQARgdgAoByAsB2BMO0BUBgBcBshceChwIABIUcHViLTYyNTExNTU2MDcyNzUzNDQY8vQU&sigh=6jbzEGERs_0&uach_m=[UACH]&template_id=494
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame B756
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:39:58 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B756
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B756
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Nov 2021 19:41:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B756
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:44 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame B756
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Feb 2022 16:53:57 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame B756
27 KB
27 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTknpWYO9yAAr5lIZ8gxgutoXZs2ykLYZE_jOuBiYlbxVKbS2V5495Xel6df1c&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3032aa2e11e011c57a42b15acd7f194bd22b6bcc23a8332c32b12fb7edf6100
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 10:55:47 GMT
x-content-type-options
nosniff
age
463527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27202
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 02:09:11 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 25 Nov 2022 10:55:47 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame B756
20 KB
20 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRi_eIxA3LS_ergiO-2U_ug7qN1SenUphSG3LEwGCCXZVFXfqkDHm6qc_Lbm3w&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f122e1f3ea83bac5fea8db8fdd7af1f80f5bce1570eae99ed71c85ff746e07f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 18:06:33 GMT
x-content-type-options
nosniff
age
351281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20767
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 10:38:42 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 26 Nov 2022 18:06:33 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame B756
34 KB
34 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSuboKwciQC3d6rLA6QyIyBtgU6uhiFvY-Djis0Li72F_O2OHqEZiNPVLYVE-M&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0af876e881d62be795f61e9546668851e1f8959d1186a1d06e7bade17558f8b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 16:23:22 GMT
x-content-type-options
nosniff
age
443872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34639
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 08:50:39 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 25 Nov 2022 16:23:22 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame B756
36 KB
36 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRJ5qpl_tTf2vSzS27OZGOGzsbTJ4Bdjrv4Y9_n5k_w1G76rqPjNlXoDA6PQ2g&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c15dc602c7f26db362b306eb32adbfc51a1472752095059b748bc8e3fff59661
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 11:29:39 GMT
x-content-type-options
nosniff
age
288695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37076
x-xss-protection
0
last-modified
Sun, 14 Nov 2021 01:35:29 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 27 Nov 2022 11:29:39 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame B756
15 KB
15 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRM4ApgmkG6fDGe7YMlVC3nZXntVeCfleoae5MT90P4Fl6HVpVNLWvub-J16Q&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b014d8cb57db6f068a5005f39ab92efb138a9c3b11f30016effe7bbd9d4c3ef7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 19:11:21 GMT
x-content-type-options
nosniff
age
520193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15560
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 19:14:33 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 24 Nov 2022 19:11:21 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame B756
19 KB
19 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTQx82cxGXhMUT6QUydhZh5a5ZhrWRQvqeDHKoIA5ozgJossRfk77EI_RBeZg&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a80193f67e5045f2bb3bd3f002cdddd1a0ed75889381a590ff8379a57afba564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:00:56 GMT
x-content-type-options
nosniff
age
13218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 11:20:17 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 30 Nov 2022 16:00:56 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame B756
9 KB
9 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRtRC4Dlp5T4P_vZELKblL49j1Uo4XLl2Oj16PJeZjRuag2vnTR&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81ab60093a572306ea4faeb5763d2640593e2f9960ed82b0a231cc75db9953bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 09:55:02 GMT
x-content-type-options
nosniff
age
553572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8961
x-xss-protection
0
last-modified
Fri, 10 Jul 2020 08:37:31 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 24 Nov 2022 09:55:02 GMT
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame A1F2
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 18:29:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
90675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 18:29:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DC6B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111701&jk=2771262642247056&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 27AE
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyChEIASoNdG93ZXIyLXNxdWFyZQoKCAIqBnNlcnZlcgotCAQqKW15c2lkaWFfYW5hbHl0aWNzX2V4cDMscmRhX3B1Yl9jbG9zZV90ZXh0Cg0QFCEAAAAAAAPSQDAECg0QFSEAAAAAAAA1QDAECg0QFiEAAAAAAAAwQDAECg0QGCEAAAAAAHB3QDAEEhpDT2lxMXV2cndQUUNGYlRydXdnZHRLRUNFdyISZ3BhL21heGltYWxfdjFfb2NoKAw=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e896defd9da58cd70544d59688f4a346.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame CD20
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/mG3nm_a0D0U
X-YouTube-Client-Version
1.20211121.00.02
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs0T0JlTVFJaXkyNCjX_JmNBg%3D%3D
X-YouTube-Ad-Signals
dt=1638301272338&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C141&vis=1&wgl=true&ca_type=image&bid=ANyPxKrlQ2k6MXO5mhKiQA-m6yoUax5s1Iy11wMsm-F1ttYdgdKyq0TXAXuglUkrwgm5h4xsDvgYq0D2QnCALndQsUQVUw8EOQ

Response headers

date
Tue, 30 Nov 2021 19:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 30 Nov 2021 19:41:14 GMT
truncated
/ Frame B756
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50568b5ea04f2c1cee70034645cf9b46ded5eebe3fbbb96fec6db860946e2efc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame B756
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 09:49:59 GMT
x-content-type-options
nosniff
age
553876
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 09:49:59 GMT
log_event
www.youtube.com/youtubei/v1/ Frame C51A
28 B
55 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
X-YouTube-Client-Version
1.20211121.00.02
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs0T0JlTVFJaXkyNCjY_JmNBg%3D%3D
X-YouTube-Ad-Signals
dt=1638301272677&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C409&vis=1&wgl=true&ca_type=image&bid=ANyPxKr2kYCiPA59CGXYfo81bIKuJ1jB57o3jvkGZucFtAfJbxw50BczRJmwjnZpnNT2qWZkG2dVeagUspCST6LFQWoeXg8xew

Response headers

date
Tue, 30 Nov 2021 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 30 Nov 2021 19:41:15 GMT
tracking-event
api.webgains.io/ Frame A3FD
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.11.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-11-162.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 30 Nov 2021 19:41:15 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.11.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-11-162.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 30 Nov 2021 19:41:15 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111701&jk=2771262642247056&bg=!w8ClwITNAAZQLpa_UC47ACkAdvg8Wuh-8bPQzn1b77YrI7IkRDgEiLVZh1BxXdh0UE5WBKSALvNImAIAAABiUgAAALdoAQcKAMuGqbeGKFL9jDkMXaAXOQYxAOF3JSypKMRODHSq15bML2SuIVnDl50GgZgjzcr8vQ2VWVV9zg_VFENp2wPGbR20GAEFD3XYEUA6D6iWiRPE2QHiT8jruGD8iBnaLqHZJc8MkgqkxxvABRkb1im3wYNLPV6uWPE6vKCkmRIBwPmd1NysCAeDyEI8kAU8tl4_yX5uXyFhP1KY1CCLo7OJMEBbzhRhRAvIm2EtUPQrBRvdXW2c-GWhb5mJNJc8iTfUT-_saa4RL7pjuzh7DJkChaydd5N_d1cmiEF6Ge0VHNso2_LG8CNEbekRfTmKgQHitrBHzWI0Lvqv8svsF87aTbM2U4di3GXxLLphBhUV3ndqRzxryRjlHyrLfIquOlZY_TUL6oKTRGX3w-Rq6gvHrRJPvc12pNGYtLyTMWPCqDXKQI45YRUb7OFo4a8mJvsUrpnkamP1AXgeNjoiFIt3PQlxBEMDuzcGeyz_MAzTf56YBjFWaq0zTpI5W-0nBgiZVNu_osNYnSl5Re3KKoFN1Qfxup2dy2hOQ36YLp4zjrJaXF1AzTFDKoNwNaEsdVmp4qrKeFVXW4Op29fQq2dxxPC5iMkC_h55MdJ4XBPPHqFp1QNFgGgTyQjoxl7DzHEpgvxSb-DoiTM28OqYo7lwpPziRj0pLz5vzHYX1vdrmAGFsyGyXN3eMLxDOwjx1qmpuh9Bzw2f0pCZVv2hdFj41qVcSEmHPr6FZaYru9ec6lti6vGVMHM8TGIWJt_6akrG2kre_19It6D5dupPZwZKFn2Xdo1xdWbAyL4ZW4zxTFATnPRBrNhYEIF4j9iGdNvWah-Hy7Vv2jo5QharV9kU5nIv79vbbmXyKSZrqdMZzC3bWmKFUh3eP2OmifWTw_0lPOWjkplZyxmcdYFPE3M2va_Q3AC5sp29HVePUga6D8lJJTxMpxEL0jwI3DEm-VFPK2XhPOe8fvH3p2qqSi6rD9tAMszvJdyHwNYzGVyngrJvKwTjbPO5Rqaazi8TcBCIbkEiqD6C1IhCXTcJHQTP3vWOE0heODHNwJlagTQCp9HsnjA8V3hqm7nezkExEH4WfzuaX6GlM-pxtSMKh7SzWqdf8w0SIByzINc92AtyePjZcQyFvw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D222
6 KB
3 KB
Document
General
Full URL
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 30 Nov 2021 19:41:12 GMT
expires
Wed, 30 Nov 2022 19:41:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame D222
2 KB
532 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 17:53:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 30 Nov 2021 19:41:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Nov 2021 19:41:15 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D222
1 KB
890 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:12 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D222
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Csl-LWn6mYbf0Lu-e7_UPkOm0uAqY15GcZt_qv5D7DZHOuM2UHRABIKLf0SBgleKQgqAHoAH7lJXKA8gBCakCokL3i4Hfsj7gAgCoAwHIA5sEqgSmAk_Q4863HosdYnjOpNMTNagZHS1wU2oBwC4Ss2gnhhcD2QV__UMpkRN5TrzEZ7iuDfQF79dRNZ0qKL6mr1abCy6U8n_xOtJUsf7DoAdlvCk6kchf3XDtBPLIORkuRhCXu4a0UcY9XObaUC9EmOBbjBf8toENNVFJFEf_CfS9O-riKPQmutfYWs7qpv9G9bt7RyrIsrwOfR9J8O_fd-oSvNQQgeWh5wSfAm8JfNpLVaminQk6i38-Fo1qLXvodZN7Nsg11uEiGM4NGJHjJwBPYFEFrHrCQX3kivTRkQ_JFXTOMzMCS2GdWBKwd71ODbQfk5qfD51MRNgR0LF1pw2_KnHKX9agNQDKcgNUTg65m6idOP2PW-Ju3A33Ssnbl46VC-xkXpgSccAE0JngjMwD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7_mpoEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcDELpm0ggJCIDhgBAQARgdgAoByAsB2BMC0BUBgBcBshceChwIABIUcHViLTYyNTExNTU2MDcyNzUzNDQY8vQU&sigh=84FnvUZj9V4&uach_m=[UACH]&template_id=494
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame D222
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:39:58 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D222
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D222
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Nov 2021 19:41:15 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D222
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:44 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame D222
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Feb 2022 16:53:57 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame D222
25 KB
25 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSMYxn-ukHdPxM_t2qogTClSpfthTka4r9RsTspBSKxrl8xxINkIG_ovPz4YA&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cd6b5e8baba806a56b9fa768eb0c147729255c9acf4e199f4c5df15b92aabef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 12:42:50 GMT
x-content-type-options
nosniff
age
370705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25428
x-xss-protection
0
last-modified
Thu, 30 Sep 2021 03:08:37 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 26 Nov 2022 12:42:50 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame D222
20 KB
20 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQlhzw4Wp0WSsq54jwHPy_2LgD8XIMIOB_BczWI0tfqAbt9Ak3A&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d12edc3eede1beec1941e7319d5a2694f911f0452e4ce1b8ee57e2deeb2f18d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 13:34:41 GMT
x-content-type-options
nosniff
age
540394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20240
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 05:15:57 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 24 Nov 2022 13:34:41 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame D222
15 KB
15 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ0xR_THeq2yy1HceF5cdQVXDPOL_gDZpV1T89lKyicm6JB0loRxfXkF03JOEw&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57fff2e67384eebfe73b23ddb1e4ac2fe67dd0a729649dd24479b8f47e14dca0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 07:49:30 GMT
x-content-type-options
nosniff
age
561105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15151
x-xss-protection
0
last-modified
Thu, 22 Jul 2021 03:37:00 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 24 Nov 2022 07:49:30 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame D222
31 KB
31 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRiO-5Y3rwtXvyYZZHBlXAKyaE0ZiYqi2JMmi-REH3mUYGNp0a6&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d3b03926e895eaf46db8840e888a6381fdb0d702c8281ba4781b54676bb542d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 07:06:09 GMT
x-content-type-options
nosniff
age
563706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31900
x-xss-protection
0
last-modified
Sat, 30 Oct 2021 05:50:34 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 24 Nov 2022 07:06:09 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame D222
12 KB
13 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQU25XtmKfcxT6EVkFsTZJGxyb7reRcHdNF99ZQMr4OuwtbtJbi&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97eb51452679a00c6d004c9a11922a33087716842674c405b3fa9d0148d90ed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 23:20:54 GMT
x-content-type-options
nosniff
age
591621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12788
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 06:07:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 23 Nov 2022 23:20:54 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame D222
19 KB
19 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQPteOK5AIoOTcJD8YXQWJw2GARSuEKAI92eGeK-1sQpv7EgUY_VYedRNJHDvA&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90e248089b9165829f5a4109317958c23e334486b8929a745fbf208eba06efb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 18:00:57 GMT
x-content-type-options
nosniff
age
524418
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19564
x-xss-protection
0
last-modified
Thu, 22 Jul 2021 04:04:45 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 24 Nov 2022 18:00:57 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame D222
18 KB
18 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSAF2jcDRmjRfskWPXh58UySwnxhcbkRLyoFQ_MH7SJEbZS02vJLuEpvrcygQ&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1893bedd62c4bd644d1a8dd10a8b33e9895930c6fa9fa29aea8d9b1e56d87adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 20:08:34 GMT
x-content-type-options
nosniff
age
516761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18153
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 21:27:21 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 24 Nov 2022 20:08:34 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame D222
19 KB
19 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ7-VHw4n5XngY1ddrrkLveeg3We3Ecq0Za1g6ycRY5ySl6uHvBKQx-5-9mzw&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a233e2da3d86d92eb7ff798f64725be18ab7e9dc4b4795fba575ae1abfb0b97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 18:38:38 GMT
x-content-type-options
nosniff
age
522157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19114
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 01:41:34 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 24 Nov 2022 18:38:38 GMT
3218002549567218547
tpc.googlesyndication.com/simgad/ Frame D222
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC7wqyMOBCcChicCjIIWCv19vqeVug
  • https://tpc.googlesyndication.com/simgad/3218002549567218547
95 KB
95 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3218002549567218547
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a97ff2fde111556c2b1aab69d8186de7cde04292070318d622466cbd6e10d7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 07:52:42 GMT
x-content-type-options
nosniff
age
42513
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97322
x-xss-protection
0
last-modified
Wed, 23 Jan 2019 14:44:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Nov 2022 07:52:42 GMT

Redirect headers

timing-allow-origin
*
date
Mon, 29 Nov 2021 21:31:45 GMT
x-content-type-options
nosniff
server
cafe
age
79770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3218002549567218547
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 29 Dec 2021 21:31:45 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3D5D
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 30 Nov 2021 05:53:44 GMT
expires
Wed, 01 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
49651
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D222
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa8efea9f14d7ff08c51de7969f59948a2d127417b29b42d13a84c012602f9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame D222
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 09:49:59 GMT
x-content-type-options
nosniff
age
553876
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 09:49:59 GMT
dpixel
cms.quantserve.com/ Frame 3D5D
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ_5YmsA0nfHAs1tAIKUCdo&google_cver=1&google_push=AYg5qPIJkgmie2vqEt9wtmi2qN032QqAgy1smMGG0vg6d_0x13L4TsX3UU2hS7IQB3OtxmUFWhuX2hNfnu78FtfvAGZNRoA43l3RDg
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3D5D
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESECH8cPvClIJ7e3X3u364h28&google_cver=1&google_push=AYg5qPLirjcWh8ZXhcLP3y-OgaEfuPYKfLwhCTjTNdQAb1H7GjssQGlG7jZx-hM9NcNfYS0tBA6i9xqzlPVL9_JjPk3m3uhp9Spf
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLirjcWh8ZXhcLP3y-OgaEfuPYKfLwhCTjTNdQAb1H7GjssQGlG7jZx-hM9NcNfYS0tBA6i9xqzlPVL9_JjPk3m3uhp9Spf&google_hm=Q0FFU0VDSDhjUHZDbElKN...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLirjcWh8ZXhcLP3y-OgaEfuPYKfLwhCTjTNdQAb1H7GjssQGlG7jZx-hM9NcNfYS0tBA6i9xqzlPVL9_JjPk3m3uhp9Spf&google_hm=Q0FFU0VDSDhjUHZDbElKN2UzWDN1MzY0aDI4
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 19:41:14 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLirjcWh8ZXhcLP3y-OgaEfuPYKfLwhCTjTNdQAb1H7GjssQGlG7jZx-hM9NcNfYS0tBA6i9xqzlPVL9_JjPk3m3uhp9Spf&google_hm=Q0FFU0VDSDhjUHZDbElKN2UzWDN1MzY0aDI4
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3D5D
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLtIB1k...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLtIB1k...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMzAxOTQxMTUwMDA5MjU0MTc0MDkyOQ%3D%3D&google_push=AYg5qPLtIB1kKjzPfLs42kJHoO5w-y3OTNztBo6lhyNPWtMXPvx2KbMh-KfixzL7109Kva...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMzAxOTQxMTUwMDA5MjU0MTc0MDkyOQ%3D%3D&google_push=AYg5qPLtIB1kKjzPfLs42kJHoO5w-y3OTNztBo6lhyNPWtMXPvx2KbMh-KfixzL7109Kva8ZhNo7bIrjMO4F6gBzX3EpWTlrmucyAQ
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMzAxOTQxMTUwMDA5MjU0MTc0MDkyOQ%3D%3D&google_push=AYg5qPLtIB1kKjzPfLs42kJHoO5w-y3OTNztBo6lhyNPWtMXPvx2KbMh-KfixzL7109Kva8ZhNo7bIrjMO4F6gBzX3EpWTlrmucyAQ
pragma
no-cache
date
Tue, 30 Nov 2021 19:41:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Tue, 30 Nov 2021 19:41:15 GMT
dds
rtb.openx.net/sync/ Frame 3D5D
43 B
351 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEIzp9c8PJSRr7ScBgcM7qQY&google_cver=1&google_push=AYg5qPKDxPWb1UaNtP508uQv3vuNWVW29DOlM32aAGenWWQQ1VrvZzps1Txcr_AR8hcGLdN5DL9fY7kpYAQzL1Yx2DhTRooMWZz_Ug
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:14 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
udqjsaqud5gm343cfjeaao5qtufbnphd
pixel
cm.g.doubleclick.net/ Frame 3D5D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJXgB3ZDX2rClrv_zGEixEGGdNaAxqZCTYuD-uFf3N7PFRU-PFaK-tQ-KNHXEBWvCv6oO9kvnT57ZY9mOksGYWo25P19Aul-g
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJXgB3ZDX2rClrv_zGEixEGGdNaAxqZCTYuD-uFf3N7PFRU-PFaK-tQ-KNHXEBWvCv6oO9kvnT57ZY9mOksGYWo25P19Aul-g
date
Tue, 30 Nov 2021 19:41:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 3D5D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE6Qy1_HMQaLeglqqT5NkfA&google_cver=1&google_push=AYg5qPKdaIUcNpxNHHQBIeThvDn2DXYPps8wK4NRaTTcWR8BQvzBL84W1P_WhRTFbyV74oEoqIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEyU1otMUItSDlVRA==&google_push=AYg5qPKdaIUcNpxNHHQBIeThvDn2DXYPps8wK4NRaTTcWR8BQvzBL84W1P_WhRTFbyV74oEoqIn5zEi6f36SSskoCgCeAXDj8kUYTA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEyU1otMUItSDlVRA==&google_push=AYg5qPKdaIUcNpxNHHQBIeThvDn2DXYPps8wK4NRaTTcWR8BQvzBL84W1P_WhRTFbyV74oEoqIn5zEi6f36SSskoCgCeAXDj8kUYTA
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEyU1otMUItSDlVRA==&google_push=AYg5qPKdaIUcNpxNHHQBIeThvDn2DXYPps8wK4NRaTTcWR8BQvzBL84W1P_WhRTFbyV74oEoqIn5zEi6f36SSskoCgCeAXDj8kUYTA
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3D5D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
0
0

attr
cm.g.doubleclick.net/pixel/ Frame 3D5D
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JQHsQ3ptAzcATAHj0CMstj5qiOyYsEnVio4Su6eyvFsfLeXIy8HxjcbRtbBLP2Mp4O7IHe
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
container.html
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F9AC
6 KB
3 KB
Document
General
Full URL
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thedailyblog.co.nz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 30 Nov 2021 19:41:12 GMT
expires
Wed, 30 Nov 2022 19:41:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame F9AC
2 KB
532 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 17:51:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 30 Nov 2021 19:41:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Nov 2021 19:41:16 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame F9AC
1 KB
890 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:12 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F9AC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7OHJW36mYf3nJKSl9u8Pu66w-AHBjK3qZtz5l-yBDtrK3cXZKRABIKLf0SBgleKQgqAHoAHrzcH7AcgBCeACAKgDAcgDmwSqBKkCT9BH3P5kPZy8-VUxqZRU-CghTR_xj7l7GLY2t4rXDkykLgaREwH1SwyHivFRCSr4NEghrCUmrbL1lvI1knrVWtl41eOepqL0uvx_7LsTwsRCoOb7E00pjtW0JAUO2jJBZf8DXncV5eWjTo0elG_dcOPxbBHp2ytldYYMrR7c0g03j6PYtwODdNUFLnGJPlcKQ58JvWV4m3Nq9PCJ-CxGEdSPUUgVNMblzJJjRPDyHzsSitcsDd4JxF7yQLA3h2Rt9SLprYh0Fy2A0AVakhFJGdgNdLr3uhzpl6oXl1_P7tONmlchSVc_mz97KrlOwEfN4lRaTgj8uQ9Gnbvmossb3Kfpkq8qgPrgUUdKqOLdNnxB4eM-MOE3NWA-3c-bQWh37pPDwau_LegZwATB78f61QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHze2u5wKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwMQvmzSCAkIgOGAEBABGB2ACgHICwHYEw7QFQGAFwGyFx4KHAgAEhRwdWItNjI1MTE1NTYwNzI3NTM0NBjy9BQ&sigh=j0kQ5JaoFOw&uach_m=[UACH]&template_id=494
Requested by
Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame F9AC
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:39:58 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame F9AC
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F9AC
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Nov 2021 19:41:16 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame F9AC
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:40:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 19:40:44 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame F9AC
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Feb 2022 16:53:57 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame F9AC
34 KB
34 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSuboKwciQC3d6rLA6QyIyBtgU6uhiFvY-Djis0Li72F_O2OHqEZiNPVLYVE-M&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0af876e881d62be795f61e9546668851e1f8959d1186a1d06e7bade17558f8b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 16:23:22 GMT
x-content-type-options
nosniff
age
443874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34639
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 08:50:39 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 25 Nov 2022 16:23:22 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame F9AC
27 KB
27 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTknpWYO9yAAr5lIZ8gxgutoXZs2ykLYZE_jOuBiYlbxVKbS2V5495Xel6df1c&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3032aa2e11e011c57a42b15acd7f194bd22b6bcc23a8332c32b12fb7edf6100
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 10:55:47 GMT
x-content-type-options
nosniff
age
463529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27202
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 02:09:11 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 25 Nov 2022 10:55:47 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame F9AC
19 KB
19 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTQx82cxGXhMUT6QUydhZh5a5ZhrWRQvqeDHKoIA5ozgJossRfk77EI_RBeZg&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a80193f67e5045f2bb3bd3f002cdddd1a0ed75889381a590ff8379a57afba564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:00:56 GMT
x-content-type-options
nosniff
age
13220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 11:20:17 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 30 Nov 2022 16:00:56 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame F9AC
32 KB
32 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSoelBE6JPFboPzrX4G2bUAemN1A-EKxwKw5c4EBxhxvdRCBUwtkWG5JZ2j0tM&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3db64adca2ce673f54d6fb8ce6d30114a2b69b47d59042179a708503799f9290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 19:42:23 GMT
x-content-type-options
nosniff
age
604733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33208
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 23:46:57 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 23 Nov 2022 19:42:23 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame F9AC
20 KB
20 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRi_eIxA3LS_ergiO-2U_ug7qN1SenUphSG3LEwGCCXZVFXfqkDHm6qc_Lbm3w&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f122e1f3ea83bac5fea8db8fdd7af1f80f5bce1570eae99ed71c85ff746e07f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 18:06:33 GMT
x-content-type-options
nosniff
age
351283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20767
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 10:38:42 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 26 Nov 2022 18:06:33 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame F9AC
36 KB
36 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRJ5qpl_tTf2vSzS27OZGOGzsbTJ4Bdjrv4Y9_n5k_w1G76rqPjNlXoDA6PQ2g&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c15dc602c7f26db362b306eb32adbfc51a1472752095059b748bc8e3fff59661
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 11:29:39 GMT
x-content-type-options
nosniff
age
288697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37076
x-xss-protection
0
last-modified
Sun, 14 Nov 2021 01:35:29 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 27 Nov 2022 11:29:39 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame F9AC
9 KB
9 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRtRC4Dlp5T4P_vZELKblL49j1Uo4XLl2Oj16PJeZjRuag2vnTR&usqp=CAI
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81ab60093a572306ea4faeb5763d2640593e2f9960ed82b0a231cc75db9953bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 09:55:02 GMT
x-content-type-options
nosniff
age
553574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8961
x-xss-protection
0
last-modified
Fri, 10 Jul 2020 08:37:31 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 24 Nov 2022 09:55:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5F52
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 30 Nov 2021 05:53:44 GMT
expires
Wed, 01 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
49652
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F9AC
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea6aed5bb5cf0c5236d929830e4fb2cbf14e723e8a6655e9008accb48fd18769

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame F9AC
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 09:49:59 GMT
x-content-type-options
nosniff
age
553877
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 09:49:59 GMT
pixel
cm.g.doubleclick.net/ Frame 5F52
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGayuP6X5gr_ON-40SAM8r0&google_cver=1&google_push=AYg5qPK-ZxZa46-n5Y8oPd-EtUcWNyC2c-EzqWEySeLaxLrrK9fAAr5Vqn...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK-ZxZa46-n5Y8oPd-EtUcWNyC2c-EzqWEySeLaxLrrK9fAAr5VqnH_yh3tqrEi54GHxDRF314qXZU2c3sqP1pmqswVQAQ&google_hm=RA4O_Lo...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK-ZxZa46-n5Y8oPd-EtUcWNyC2c-EzqWEySeLaxLrrK9fAAr5VqnH_yh3tqrEi54GHxDRF314qXZU2c3sqP1pmqswVQAQ&google_hm=RA4O_LoN8ckncZND0oWWrA
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK-ZxZa46-n5Y8oPd-EtUcWNyC2c-EzqWEySeLaxLrrK9fAAr5VqnH_yh3tqrEi54GHxDRF314qXZU2c3sqP1pmqswVQAQ&google_hm=RA4O_LoN8ckncZND0oWWrA
pragma
no-cache
date
Tue, 30 Nov 2021 19:41:16 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5F52
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIYW2SD3TA40TKBk-khoJEwi12jWaebhQQG_iM...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFaQFhBQUFCWVRVbUZlaw&google_push=AYg5qPIYW2SD3TA40TKBk-khoJEwi12jWaebhQQG_iM3ecwv3AohNIkw1UKiTBqS0xb3ZNqNh4VwB9hbsd_kWx3H1EWMpsy1El8
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFaQFhBQUFCWVRVbUZlaw&google_push=AYg5qPIYW2SD3TA40TKBk-khoJEwi12jWaebhQQG_iM3ecwv3AohNIkw1UKiTBqS0xb3ZNqNh4VwB9hbsd_kWx3H1EWMpsy1El8
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFaQFhBQUFCWVRVbUZlaw&google_push=AYg5qPIYW2SD3TA40TKBk-khoJEwi12jWaebhQQG_iM3ecwv3AohNIkw1UKiTBqS0xb3ZNqNh4VwB9hbsd_kWx3H1EWMpsy1El8
Date
Tue, 30 Nov 2021 19:41:16 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
dds
rtb.openx.net/sync/ Frame 5F52
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJcg0mKyZ9YNR3zQlTEIVhk&google_cver=1&google_push=AYg5qPJ6l81zG-46yhPLnAlTFy66gMoJ8viJe3CZGIr4vzRLDkm2SAvlStoqcbhZvbdJdVT2lguIGoKq2Tgt9_QrP8dGCGng1b8
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:15 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
7p0n6uop33b55o8kun68d36epnnggutj
pixel
cm.g.doubleclick.net/ Frame 5F52
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIHSHBlk69GL7ClxBedeNZEaw_LbZR330qpkFDs0ZkdUWs-iZXN_DpZqOBXWq0VV-tquKqFNrtSkQvH1ivwd3iJ7UC04w
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIHSHBlk69GL7ClxBedeNZEaw_LbZR330qpkFDs0ZkdUWs-iZXN_DpZqOBXWq0VV-tquKqFNrtSkQvH1ivwd3iJ7UC04w
date
Tue, 30 Nov 2021 19:41:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 5F52
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIa6pI3soUWQoWTJXu8xNIE&google_cver=1&google_push=AYg5qPLDZEhaaPXLQ6-hGu7X5LxlJS-234qLU5o01sI437U6qkLGELzw_G1bSYdvxjNbJgEqnF3...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEzNkUtMVotNlJQSA==&google_push=AYg5qPLDZEhaaPXLQ6-hGu7X5LxlJS-234qLU5o01sI437U6qkLGELzw_G1bSYdvxjNbJgEqnF3nHqFnaR-PjQtxiCH6eEzU2D0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEzNkUtMVotNlJQSA==&google_push=AYg5qPLDZEhaaPXLQ6-hGu7X5LxlJS-234qLU5o01sI437U6qkLGELzw_G1bSYdvxjNbJgEqnF3nHqFnaR-PjQtxiCH6eEzU2D0
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEzNkUtMVotNlJQSA==&google_push=AYg5qPLDZEhaaPXLQ6-hGu7X5LxlJS-234qLU5o01sI437U6qkLGELzw_G1bSYdvxjNbJgEqnF3nHqFnaR-PjQtxiCH6eEzU2D0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Expires
0
pixel
cm.g.doubleclick.net/ Frame 5F52
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
0
0

trk
ag.innovid.com/ Frame 5F52
43 B
297 B
Image
General
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMS3aY6RJPCagNW46WZ_q7Q&google_cver=1&google_push=AYg5qPKZu3Yz1gw0YKYI0klXUKIVigN55T7CKIohR5gQ_EuSJhhju1hcK40ZPxXGVa-SEbgNLLh23JC-EHOnh8rBLKZZCr5r57E
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:a212:76ab:db1a:a790 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 19:41:16 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 5F52
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kj9Mo4CEVfysKNpYtvhAwAYKmZgt9-IWh2iHRp4wd9sTmeqRDRNxwicjkkk8SFb2TBiTGs
Requested by
Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:41:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _wpemojiSettings undefined| $ function| jQuery object| tdb_globals object| tdwGlobal object| tdBlocksArray function| tdBlock object| tdLocalCache string| tds_login_sing_in_widget object| td_viewport_interval_list string| tds_general_modal_image string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce string| tdsDateFormat object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target function| gtag object| dataLayer object| googletag object| block_td_uid_5_61a67ad80d278 object| block_td_uid_6_61a67ad853421 object| block_td_uid_9_61a67ad85fc4c object| block_td_uid_10_61a67ad87867e object| block_td_uid_11_61a67ad89118b object| block_td_uid_12_61a67ad89eda7 object| block_td_uid_13_61a67ad8aa5fe object| block_td_uid_14_61a67ad8b34d2 object| block_td_uid_15_61a67ad8ca02c object| ggeac object| google_js_reporting_queue object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| td_youtube_list_ids object| twemoji object| wp object| block_td_uid_40_61a67ad97ea4f object| gaplugins object| gaData object| block_td_uid_43_61a67adb3a6ba number| sc_project string| sc_security string| scJsHost function| _statcounter function| _ object| tdbAutoload object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdAnimationStack object| td_backstretch_items function| td_compute_parallax_background function| td_compute_backstretch_item object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage function| $f object| addComment object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| aec_frontend object| EXPORTED_SYMBOLS function| AtDCore function| TokenIterator object| AtD object| CSSHttpRequest function| date function| onYouTubePlayerAPIReady function| $j object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

41 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: Sp2p2G3NQDM
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 4OBeMQIiy24
.thedailyblog.co.nz/ Name: _ga
Value: GA1.3.1271377222.1638301272
.thedailyblog.co.nz/ Name: _gid
Value: GA1.3.113896429.1638301272
.thedailyblog.co.nz/ Name: _gat_gtag_UA_41539225_10
Value: 1
.thedailyblog.co.nz/ Name: sc_is_visitor_unique
Value: rx11553132.1638301272.9385628C54634F5DCF09C56971DC6A94.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc11553132.1638301272.0
.statcounter.com/ Name: is_visitor_unique
Value: 1638301272307785454
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMID
Value: YaZ.Wp1Fd22iraeQB251TAAA
.casalemedia.com/ Name: CMPS
Value: 3270
.adnxs.com/ Name: uuid2
Value: 3951893680963212841
.casalemedia.com/ Name: CMPRO
Value: 1101
.casalemedia.com/ Name: CMRUM3
Value: 2d61a67e5a2760CAESEADGRWgGDXqeQNmh5nKZu3Y
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVLpR8t3!]tbPl1M>e)ZlrFUfJ+tGXxpW?l?nKN#GSma<iA6XZLOy:@oBnaaTA64SMj$*bpRz*qF1`*b_cl*.bJh
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 4e179b04b943fbbb
.awin1.com/ Name: awpv18332
Value: 296283|1638301274|7a779190-5215-11ec-a546-22340e667dce
.awin1.com/ Name: AWSESS
Value: 376776:2601051
.medialead.de/ Name: trscj
Value: MTYzODMwMTI3NHxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRNekJoTjJSbU9HUmxaR0UwWVdFMlAzTjFZbWxrUFRRek9USTJNREF3TWpBME1qQTVOekF3TnpFd05qRTJNREV4TnprME1EQXlKblE5YUhSc2NBPT18YUhSMGNITTZMeTg0TkdVNU5XUmhNRGMyWlRNelpETTVNakZoWXpNMFpHSmpNbVU0Wm1VeU1pNXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D
pb.media01.eu/ Name: ASP.NET_SessionId
Value: uxpf55222ycqp3plx4ow2ui1
pb.media01.eu/ Name: DTU
Value: 5BD35D4874543CE8112B5F4938CDBDA1
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1638301274652,"clickCookie":false}}
.quantserve.com/ Name: d
Value: EFABCQHsJIEA
.quantserve.com/ Name: mc
Value: 61a67e5b-81998-d0256-5fa5a
.agkn.com/ Name: ab
Value: 0001%3A9afvYViivIlJzICFuTi9UlOpgTTWIBzd
.agkn.com/ Name: u
Value: C|0CEApOTrbKTk62wAAAAAAAQ13AQCAAQpAAAAAAA
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 32ACD01A-36CE-4EAD-B4BE-7A0EDB446BA8
.thedailyblog.co.nz/ Name: __gads
Value: ID=b9c062c731419ff1:T=1638301271:S=ALNI_MYZHwFCMgvhzq44SKrE9dPDIVGlrA
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2021113019411500092541740929
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 61a67e5b23354068
.addthis.com/ Name: ouid
Value: 61a67e5b00010b778d54db93b1bc567f87f1eff7d495e806bd6c
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20211130
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUkiGF-Gfdm7gV1b8pcFcRLnYXnQbL7gbZeT2OWB0jEzD9glET7Ob2oUvMUzFaY
.casalemedia.com/ Name: CMST
Value: YaZ+WmGmflwA
.innovid.com/ Name: uuid
Value: 5b045e5e-64ad-416d-90e7-faf0f33586b6-20211130 14:41:16

7 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://thedailyblog.co.nz/(Line 3298)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://thedailyblog.co.nz/(Line 3298)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
ad-server.eu
adservice.google.com
adservice.google.de
adv.office-partner.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
apple-resources.s3.amazonaws.com
c.statcounter.com
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eveningreport.nz
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90002.redintelligence.net
i.ytimg.com
ib.adnxs.com
image6.pubmatic.com
img.youtube.com
pagead2.googlesyndication.com
pb.media01.eu
pixel.everesttech.net
pixel.rubiconproject.com
pv.medialead.de
rtb.openx.net
secure.statcounter.com
securepubads.g.doubleclick.net
static.doubleclick.net
stats.g.doubleclick.net
thedailyblog.co.nz
tools.applemediaservices.com
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
cm.g.doubleclick.net
104.111.215.191
104.20.228.67
104.92.94.3
138.201.84.244
142.250.185.194
142.250.186.66
142.250.74.198
145.239.193.130
18.66.248.39
185.33.221.91
185.64.190.78
2.18.234.21
210.5.53.72
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:802::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:813::2016
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9c
2a05:d01c:1d8:8102:a212:76ab:db1a:a790
2a0b:4d07:101::1
34.247.11.162
35.156.157.11
35.227.252.103
46.236.13.147
46.4.10.47
52.18.11.109
52.216.101.139
54.76.176.197
69.173.151.100
75.101.226.202
88.198.250.30
01fa6d2ca5c5a9c10141c53387fbb2f0a72c0e77cceea23edac17c300314863f
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
037a1f8c14829784d3d6b6eb8889da5c955e253440c8f587ea65a14451dc1549
03966f855eacb7ab58e5d814869ce127bc956a6d8c96d8adaeb7182a75e5e7e3
0637f3a500b413b8352bc0e576e8de4150daf55a6d99a744f4e1eebd42ad605f
0746e2ef32ef6d5f9cad7e09128c601ac30419895f90a55ad774f50726eafa29
081a76be5cfc9a0b3d862570c8c3dccca4142348d07ee36b239027fef5d20eef
08f9cfe799c314f157fe6a88446be906373859e57a66ece7e866582e129622f2
090bfccf24b07e5178fe468500964411acd65badb135d0953c42743df50d41d4
0913125a85710095ce4e31d77f2a9a9917e2a7a9f3cf2575f74308b14c22b579
0a175bce85730a96d2facacbcc6c6bf0c2ea2744dd519ee6089225cdfb88ca25
0af876e881d62be795f61e9546668851e1f8959d1186a1d06e7bade17558f8b0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0beadc559ed158412d3e2c05023e3d81b622f831cd2398748f5ad38dc3c909a3
0d53e53662547ba7d7a2b5b82a2546ed1836fd30c1234f949d52218e31337859
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f74eda5ca917f0146ec28a71e0602f7a3b9dae063acfeecfe6549bdb165d47a
0fc1c182ca4b639cf2e6b8a1172c6e00f7c597e5d24ff191268f8f542104dfc6
1095cbc869aa37c70e64e526342033b0260704548ef331cf1cf218f427a144bc
110e64beb89f1827af4da07190ed859bb6ffd5d090cd43879c9bdc96cf678508
112cd63fd5ea29884b8bfb783298e9b62dfbb6957f72f6c314c319be19da7fd4
1191e5ba707655a4efca2e0939a4557c33d74e8a009135fba789878bd2244cbb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
15f408dbe95ea982498c273a0f8b5bb62663e63d05003b0b0a3cf3b921cd3656
162391f51ebd58aebb4215fe9c90db931c4514f37004742c29f1421edb42f71c
17fb87c96fb0c8607ca806340880caf12c3f64ef820aa46ad83f442c58bd8ae5
1893bedd62c4bd644d1a8dd10a8b33e9895930c6fa9fa29aea8d9b1e56d87adb
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1f1dad5118af2904b6baebf68ca6812accaa29e6e6991545c0c85952993b7955
1fd819fb7acd22b23e4fb5b8029ff301a74c7d9803aa8a1f5c5c50bb1aac7eab
21837485e10c6b663c4eec4b3bc5d9a2276632ba28d60feff08eb2fd0e66c5f7
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
28d1a6730ff05f9e14ba04cfa7e6cdb813e2fac5b1200a301bf03341428852a0
29a6d5ddf0b6b4ce05fa86a77f46e23fa0469595b5a94e2e496fb66c9b309a97
2b9a9e20a2087fbfe29c5ad841151f560719560927aab480b578abb759e3dacf
2cd7a95730591cfef472bb448ede01d404fb9342555cbc6246bebff399477622
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e48e1678c508bc7a9fc6eaacdd41f084266964cef2376dc9cd86b95ec4ad9dc
2f3d6f4f8120e43546823b135b11f38d90777f826669db7a4a4965e0fe51138e
2f9026bfd34af089ef174d86c7c4d3a7ca9162b22216b544e518d462e5f60e90
3026fe5d8b3c29b1505450207f48e80cb4b358cf0c9d8b42d691c9d7c2134454
3030cd165935e13129a538d05355e4cab04a5291003e37ecec8245cc513bcb8c
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
342ef537e7c4b83126b6c082466ec18d3fb17c994e6079a537f7ebd3fc2ba1ad
35042c496581e1d0b6f8b29ce448b35444c90cf4616a80b70331429aaa2166e7
353dd6889e2b035cfcc5f805e5422819a218a618f8b6ce7380c1ae1f2c2e0d18
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
367066087d5c480312745a1f35b64c2391cb7bb76f1a0da3db9ff669a21b4813
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3711272b4e0b88a53fd70a9833516e0df726443df4d5303e85d31de28d6a1fae
374fefdcddee55c37ce66bdc2f94c29d95089daf20eafd8a12c6e1e36eba4f4e
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38aea16b938dcd7510429cb96ea3e845f2451485538bc9dd9d40929dfb9fafcd
39ba78bb21ee97e4a8dfbffe40468ca376f3888a4eba366ddda4bc4126fb0660
3b79552b464a6cae059926b71822dc20c7eeabec6336b43b6d3074f00561a9e7
3c55743b58d342599d6de2048f24e73a34db12343acaf87b41083cb90d35304f
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3db64adca2ce673f54d6fb8ce6d30114a2b69b47d59042179a708503799f9290
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41c1c14d4949e2fe0d0f378f46800961b24b9a7cd8f515fd67727af809006245
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
452a41553aeea0a8b6a20a9610abbb8d1d3e1f57e77737b45defb8b43865a8e9
45f42a9e2401a2f382dd98f2bb8b0ad3a8f108b48cea1583c234374f819e4ecd
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
47869a51a42b38b3af59eabcb26553fea0373fa1e0a6155e2a1ed11d2ecfbd7b
4ade01c43a6a30c054628dabd4b086ca6566c6421ed69ccb37af29c642cc50c6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4c2eaae069dd0c09b851c857f29774befad4241330ba685296d256435ea3cd
4d9b4c9c0fb4555dc93155778ce71c918f42a46e212d1e1358eeca27df4135c2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5da5ddf83a42ab5f30c5f474011805d1f84f859a10ddc6b5478556a33c4c81
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50568b5ea04f2c1cee70034645cf9b46ded5eebe3fbbb96fec6db860946e2efc
51d8b554bc4b79dac28be002c0774228f4797702851be15a3c4dab20ab322492
5241d3458a6081971613b26af579e3e5bb320d399bd699bf0b943f72f10271ef
541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76
545c4f635d9b7adc66a5d435227d5982d2cf1722cd19be7652d7d35da7f9298b
54f22aa5e8ca501f9a326bb2bfd66cda703af49194cbca042413ce710855d662
56e804210fd89a6c96bd70419ae26b19bed0629a143bb9b8f3aeffc28a4050ec
5715ccce357c101474624bcb4f6950296f7db5d10d650939b01dfc4e6e759e9b
57fff2e67384eebfe73b23ddb1e4ac2fe67dd0a729649dd24479b8f47e14dca0
58a0a3b8704ec1e1d8f37d3148cde822c6e7b3e7f38feb38dc196ebf34e5c2de
58abc50280b1ab8b51dbfba47cc6f29716891240da58dc367c4df680af13b8c9
59eea5789a6787902ce1ec6a71b34f32808d75f6a0be489cd4f5910d7bed804b
5b278d4956a05c098c4470ebc4e8eef09f6cc0603aec285b99f2390a549fcb53
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c5213ae9607e223883edb6fc2e766c15e2de3916e76855a226f8b539cce6b2b
5d3b03926e895eaf46db8840e888a6381fdb0d702c8281ba4781b54676bb542d
5d54dcd77074f01887904d8c513df01f4263607b438f5a98a3366f192b908d75
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
60f95df4a5e754f8d84e603841febc8b7b8cb5a0ae14a7440ef20d5dc804c840
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
631b3dae83647389ba77b86999a8aeaf4e86637c6e3ca966c3c7914beb9317ec
64e62b6ed84c308d8011efc4a92b313480ca230a7c2df6e3992aec36d300de37
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
67e6599b9fd28869eb047c72fd7486c191b54a661ec61accdf9b2de87f246ce9
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a928910f082e0c86d86100dca7cd9e10cd517eb1ebd2fc54bde6c64e56b6d93
6abd20d7799972da16c835c68da65121bc4722c77bb62b0a4d4c62cc87f205dd
6b471e3e0fe243d81bde212bfa10b56236464e52c9c84864b32fc392ff8c2290
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c43f80bf3ca6ced6a071c779581cf3f2d0b15347cc26cdc9259e20c3b69d856
6ca1978797374f9bfac40e1129dea601e2efb1ed6c28c608528bcc84505b1071
6cc9f7888aa74f17e27205ad59ecf79db56b25123b30aa7913b5a6617206b58a
6f5bb2c93033629733463ca6445e17b5e6d1978a4d62ed5910216f7c598337d5
6fdf2e738abfdce14ffdf46869ac63a03b357c9eeeed6a02411a68bb7714a0dc
705ab96fffcb6271b575e41f5a56f29302e9062742c472755b5ff67d4560bc3d
71b955427b418dd287d9fdeff8a28c0533181c79f0275d821c6056c98e1a90b3
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
7414c20598c02f964afbaa5f423af72885050a7aa71a363711b1c0a49fb37bfa
74774e29f34f591648d77455e2f2aa70bcc72eb4ecef7d06e76bc155989f86f6
749b1c397eff7ebda926c547943bae2e1f0d12b9dc5c30c60e095402080f705c
7b228b131f5265f370bf12a87c6a517aaa06fcd9f53adce94ecf5805fe3d0b60
7baeed670b9dfe277223ef349839f35391de32a5c4df26f241c90c1d878a30fd
7bc2c48f13ebfcc7698e88eac7e5bf3b4a8ef162830496e8eb849917753c76aa
7bc56885b54f01152ef604104f28278df6209a546216f0e2c133a81ff5999e06
7cd6b5e8baba806a56b9fa768eb0c147729255c9acf4e199f4c5df15b92aabef
7d6e6199c851602282d6bec87bf88a1f9a4aea35aa228937da59f520e354d705
7dadf41d55487432b3b4f5db5e8ed8a757ad7d295b1570567d2d2fc6929bd24f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80a9c29d12d183d279ae773c6552e674ed68a456b380476d13c47ee4eee8cc66
81ab60093a572306ea4faeb5763d2640593e2f9960ed82b0a231cc75db9953bb
81e5f11f8a2a8947ccb6cb8693b42f6d2acbeea99c44ae4b45917956b5ad7053
8607e1dba8e292c8dcd8bbb94e341f726b410cf61fa1bccf5dc3637b79b1b02e
872c97ba4a0520a75ad0e159768f93c47220ace2f07978ed667101a88b17774e
87d4eaf643585cc24cd1c85fa47a4ebdbd1afb6feba82d87a7ccb248432952be
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a4976aaa552e4588ae56d635078948327444020525c1a4a73a4eb24a5f49622
8a97ff2fde111556c2b1aab69d8186de7cde04292070318d622466cbd6e10d7c
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8bf199d1c59dbe0ebb318374f67f7e5c1c55b0f82e179b1978774c3583d35b4a
8d12edc3eede1beec1941e7319d5a2694f911f0452e4ce1b8ee57e2deeb2f18d
8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911
8f6f1c01204988c94493b7611c3dfb5ca706efc0a0a2b20e75bb3a189bc54881
90e248089b9165829f5a4109317958c23e334486b8929a745fbf208eba06efb1
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93ca0c9eb6a8c20f5c4c91c7791891bfbdb74199ecf15e352dfee1b300b37072
96c07c7efb7f667f57918d51a6eecbe397fffb0bfdd1b7c1dd6a6d9de4280ba9
97bb377e81d07773db24552f566e2d1d99763837fb5ce826513d80c417f2012e
97eb51452679a00c6d004c9a11922a33087716842674c405b3fa9d0148d90ed0
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5623b4ad4e21e08825566ea685829f4a8a5b570ce1709a75f27e0a35d5967f
9be859d5d10da790bbc506d3987dceb1dbd9b7f9210d9fa0abec298e58893275
9e003d0a9b6e48625f2545c1c244c1fd60c90365a9ca4644d34f33f0c9565f6c
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a233e2da3d86d92eb7ff798f64725be18ab7e9dc4b4795fba575ae1abfb0b97e
a28365cd282903fb5fffd8bad185af709326623d32def1f3613f594cb05083d6
a2f4e82889c321379d880ffccb70876e454cf53351ff4777a9905a37b12a9b98
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a68d2fb183323e0cb518ea83604a099751c8451f454c1e8abc7c51f5643e3e1e
a701d12a41eefbeca1b94b18cb069f4923885dd86c72f2d132127d2eeb201115
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a80193f67e5045f2bb3bd3f002cdddd1a0ed75889381a590ff8379a57afba564
a8acd6db992817ef0230b22e01b4772a59ef1e151112cbb039ad79a8d9260565
aa1cab67f2ce2f4fed626d0c140bae547db6dd55802e480438fd635ed7b1b5aa
aca2df4cadce191ac1a3971f0992dacdfe74bd91fac4be65bf44f50501fd090e
ad10bbf847525ba6a67fb1e619a42cd49e5b3aef41c6b3aae291fb7530b04d21
ad1e34304ab814ab8d6f79ed77db2ec72d8a445efe2cbace2dbef7065512151c
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
b014d8cb57db6f068a5005f39ab92efb138a9c3b11f30016effe7bbd9d4c3ef7
b0c275307b8e5e416916a37725bb7a8561bc98648534ebeabfe2c5402957e23b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29aaed9adc4ec2ddd131f9e65173f34be17e68efb348a675cb900942f9675c0
b326ea6de03ce4cf0e65d5f84d46bd3061e061f68b56b53189fa18b2f0bd6a2a
b40f986a9ddb9cc58ee58d4132eb20e89b1cc160f6ad4747a1d9a14af9047edf
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b56eecd25900ad77097a6c08f96c9ef7826cde9d8fbd64b5a5067f4bb2be0fe2
b5b703eeaf5065d45ab4bf9f4a256e2ebf791e0d4d6a82da4e7367cbe03ef30f
b5f671e0af697ecab4baa111def1d10fc177a156542554c954adc63c33ba9ea8
b67941a710bc007120fa919bf7feebe922b2e8835ff033cb4ae578745eef93eb
b8d672580b2905758e845bc540e20fa872e990610e21f2f60408a8bfae76abcb
babc40630140b5468e7d2f5ebe92b26f409e9b52d79a8ae0d176f58f2de9f5c7
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
beb5c0640cf41c5bdd5d61aa7abc2d847a9fa97d6df69c1e6eed3631e8ef8255
bfc68292dce3d30b4560f474533c284e190e30ab44adfec151584e409814b52c
c12b5a0cd92c9c7b2dc1eb27e61f457f3aea8a63efdb8730379b69b5699760f5
c15dc602c7f26db362b306eb32adbfc51a1472752095059b748bc8e3fff59661
c240a5146daf94f9fa762825b3d88545b0b8301b261ff0782b22016c17fc8add
c2fcc178cc00a442c558b4b319cc2a7c3b7a0c0237458d99f4fa91cc1b1e850f
c31d2b1c4652ec5a7c8e5c412fffe63773e5542ae9849ea5bbfe9c9dc597382d
c4e702a8b29fb467c446adbc495051fafd5446f9782ecc630e25ac15a9abee66
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5a310590b84ddb8c45b12b32267c95961a7fc4f7bbd13828113d00abfdd24b4
c61a9f345c53f349e9cd65bdb793219f3313f6123e4a853d8816cb21c748974c
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9616efe33dcade754cca2b451c6fa9b65c28f2a717c7d4bbc076e3ae11d5992
caa8efea9f14d7ff08c51de7969f59948a2d127417b29b42d13a84c012602f9d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdc5c77fe8175f57d1dfab4cfb8085616d8134bc78125aef0ad20e94eabea2f5
cf5185f75e3a887c7f312005d9d59a29893e6f964d8a351bd9d2c5ec0d983d70
cf929e11b42b085a4f5d5385314f7b7104d2e260a10691955ab6eed27f5c241f
d0d63bf5491efdf119ff9c1fccdb8361c8d05b3ae2add05305ce5a3668ac49a4
d1edac4e8b9235b20c47addd67ecf8d14815edc475cc1761be60d06c82efda94
d39565761da81a7a99fd66a537eeb7250c9bf5fe52529be9a6a91e67ad1ad46d
d4852779df5e8c22392d7581b7ebb1fa5d1933ddbd04cc30da0fd4caf9862577
d53996bb9cbdd1c2856522faccc16250a296942fecc92f8dde81109c7547aa7c
d7056c0a72648ef2f7dc77f9ba194755c45df5c9f7cc31eb6cbaa465f15c4945
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
ddca68622fef19ca9794aecf8a9b9566a3838d5892a5138bf5f0e1a3d56b5c92
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df9cf65cf8eeda243962715c134e21678d4c1ac8e5a90d96dd003b8352d57727
e20e81b00213976f21f87de80297a2047f24eb9c7702a74f17cb0d32d7931504
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
e64ecccb52fdb8676562da8fec80716ca7138b6d139422adfce24eec42c4eab0
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e9573e931158bcc83146a7882d6c298c1adf3828b6c785af7cbb9fd9d25ad884
ea6aed5bb5cf0c5236d929830e4fb2cbf14e723e8a6655e9008accb48fd18769
ebf941cf3b118bbe070e35c2ff116f3285eaf846ff87bb4b5119c8a496b683f5
ed6c2370e3d2a5e1a2ec2da2964b71b9f4ad159d5688cf3851958ac56278206f
ed783dc04a12297851b6cb79308338d982d19de35aaa3de92766ef8a57f33cae
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eef15e0f5b63223c06167149d13e65daa91155531c57c7672a2d60949031c87b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef841e92bcd2666d84e1f14b07e8b04e1040b82b4442edc2a2650769294ca0de
f11e712f5ba6206d7a0d18f722e4432541c83f305a4487df0221c177a77d82cf
f122e1f3ea83bac5fea8db8fdd7af1f80f5bce1570eae99ed71c85ff746e07f3
f2d6800181f55473a31864c278c85c544d8e7b0c07fd00206f82ebbce177d6e6
f3032aa2e11e011c57a42b15acd7f194bd22b6bcc23a8332c32b12fb7edf6100
f31ca53bcf23097920090516e35a88f95d38c2bf3170e0e209e6383df25031f8
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167
f67468353051bd55e02f4851f957e9ee695c3f1e5a6b5353503ca548d2a62bd4
f8ddfc546b9bc7954137e92e16a27d0d980607b37194229312b2f89496dfccc9
f8fcaf54764f74d91dcdad1570ed73d9746d389f6bd46767bc1ce6d2a575bd42
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
f9c03055751bda88bf3b63a684f4ac960d54dfe1ec6d2bf80932e579ab0051c7