urlscan.io logo urlscan.io
SecurityTrails logo

www.publinews.gt Open in urlscan Pro
49.12.125.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.publinews.gt/
Effective URL: https://www.publinews.gt/gt/
Submission: On August 31 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 10 countries across 79 domains to perform 587 HTTP transactions. The main IP is 49.12.125.168, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.publinews.gt. The Cisco Umbrella rank of the primary domain is 283104.
TLS certificate: Issued by R3 on June 24th 2022. Valid for: 3 months.
This is the only time www.publinews.gt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
71 184 49.12.125.168 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
5 2.18.232.7 16625 (AKAMAI-AS)
3 64.227.27.145 14061 (DIGITALOC...)
33 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
1 18.66.127.89 16509 (AMAZON-02)
17 2606:2800:234... 15133 (EDGECAST)
10 2606:4700:1::... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.24 16509 (AMAZON-02)
2 52.84.106.61 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
6 2.21.185.49 16625 (AKAMAI-AS)
7 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.198 15169 (GOOGLE)
1 2.21.185.80 16625 (AKAMAI-AS)
4 2001:4860:480... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
3 18.66.122.112 16509 (AMAZON-02)
15 144.76.115.197 24940 (HETZNER-AS)
2 54.78.253.158 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.32.14.70 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 104.244.42.136 13414 (TWITTER)
8 31 142.250.186.34 15169 (GOOGLE)
5 9 104.18.18.126 13335 (CLOUDFLAR...)
3 5 185.89.210.20 29990 (ASN-APPNEX)
6 2a02:26f0:350... 20940 (AKAMAI-ASN1)
8 34.226.74.25 14618 (AMAZON-AES)
2 2600:1901:0:7... 15169 (GOOGLE)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
1 138.201.220.30 24940 (HETZNER-AS)
2 2 18.194.203.249 16509 (AMAZON-02)
3 3 2a05:d018:24:... 16509 (AMAZON-02)
2 2 37.157.2.234 198622 (ADFORM)
1 35.186.253.211 15169 (GOOGLE)
2 3 216.52.2.30 32475 (SINGLEHOP...)
1 185.86.137.107 201081 (SMARTADSE...)
1 5 46.4.10.47 24940 (HETZNER-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 3 145.239.193.130 16276 (OVH)
2 88.198.250.30 24940 (HETZNER-AS)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 69.192.160.219 16625 (AKAMAI-AS)
3 185.64.190.78 62713 (AS-PUBMATIC)
8 9 69.173.144.139 26667 (RUBICONPR...)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
2 142.250.185.194 15169 (GOOGLE)
1 2 52.28.54.44 16509 (AMAZON-02)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3.224.43.174 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.76.176.197 16509 (AMAZON-02)
1 1 34.211.82.183 16509 (AMAZON-02)
3 3 3.127.13.200 16509 (AMAZON-02)
2 2 52.17.151.21 16509 (AMAZON-02)
1 1 2600:9000:223... 16509 (AMAZON-02)
4 4 213.19.147.45 26120 (RHYTHMONE)
1 34.96.105.8 15169 (GOOGLE)
1 8 51.38.120.206 16276 (OVH)
3 4 92.123.17.141 16625 (AKAMAI-AS)
1 148.251.139.77 24940 (HETZNER-AS)
4 2606:4700:1::... 13335 (CLOUDFLAR...)
3 3.11.195.34 16509 (AMAZON-02)
1 2606:2800:233... 15133 (EDGECAST)
34 2a04:4e42:41:... 54113 (FASTLY)
12 104.244.43.131 54113 (FASTLY)
3 2.21.184.200 16625 (AKAMAI-AS)
4 54.208.23.128 14618 (AMAZON-AES)
2 2 54.154.103.240 16509 (AMAZON-02)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 34.98.64.218 15169 (GOOGLE)
2 2 104.103.108.241 16625 (AKAMAI-AS)
2 18.158.81.117 16509 (AMAZON-02)
1 54.77.56.172 16509 (AMAZON-02)
2 99.84.88.32 16509 (AMAZON-02)
1 18.66.147.95 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 18.156.195.47 16509 (AMAZON-02)
3 7 2.18.79.136 20940 (AKAMAI-ASN1)
2 18.184.57.192 16509 (AMAZON-02)
2 34.107.148.139 15169 (GOOGLE)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 213.19.147.42 3356 (LEVEL3)
2 185.86.138.121 201081 (SMARTADSE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
4 178.250.0.157 44788 (ASN-CRITE...)
1 162.19.138.83 16276 (OVH)
2 141.95.98.67 16276 (OVH)
4 52.56.221.73 16509 (AMAZON-02)
2 104.96.145.246 16625 (AKAMAI-AS)
1 184.51.8.30 16625 (AKAMAI-AS)
1 1 154.54.250.48 26558 (FREEWHEEL)
3 35.71.131.137 16509 (AMAZON-02)
2 3 52.95.126.138 16509 (AMAZON-02)
2 3 52.46.130.91 16509 (AMAZON-02)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2620:1ec:22::14 8068 (MICROSOFT...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.30.61.76 16509 (AMAZON-02)
1 173.194.76.155 ()
2 2a00:1450:400... ()
587 102
184    49.12.125.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.125.12.49.clients.your-server.de
www.publinews.gt
static.publinews.gt
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
3    64.227.27.145 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
adserver.latinon.com
33    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
18    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    18.66.127.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-127-89.fra60.r.cloudfront.net
cdn-images.mailchimp.com
17    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
10    2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
6    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    18.66.97.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-24.fra56.r.cloudfront.net
ecdn.analysis.fi
2    52.84.106.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-106-61.bud50.r.cloudfront.net
ecdn.firstimpression.io
6    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2.21.185.49 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-185-49.deploy.static.akamaitechnologies.com
at.teads.tv
t.teads.tv
sync.teads.tv
7    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net
ad.doubleclick.net
1    2.21.185.80 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-185-80.deploy.static.akamaitechnologies.com
widgets.outbrain.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
8    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
10    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
3    18.66.122.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-112.fra60.r.cloudfront.net
cdn.firstimpression.io
15    144.76.115.197 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.197.115.76.144.clients.your-server.de
ads.emisorasunidas.com
2    54.78.253.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
tag.escalated.io
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    13.32.14.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-14-70.vie50.r.cloudfront.net
c.amazon-adsystem.com
9    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
17    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
partner.googleadservices.com
22    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.aniview.com
4    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
31    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
9    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
5    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
6    2a02:26f0:3500:595::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
8    34.226.74.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-74-25.compute-1.amazonaws.com
track1.aniview.com
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
24    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
1    138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de
hal9000.redintelligence.net
2    18.194.203.249 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-203-249.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    2a05:d018:24:b001:c788:1149:4a:eff7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    185.86.137.107 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
5    46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de
hal90002.redintelligence.net
2    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
3    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
2    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
9    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    2a05:d01c:1d8:8102:d09f:4639:d8c6:6199 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
2    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
2    52.28.54.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-54-44.eu-central-1.compute.amazonaws.com
d.adtriba.com
4    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    3.224.43.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-43-174.compute-1.amazonaws.com
go1.aniview.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
1    34.211.82.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-82-183.us-west-2.compute.amazonaws.com
pixel.everesttech.net
3    3.127.13.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-13-200.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.17.151.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com
ads.avct.cloud
1    2600:9000:223f:7600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    213.19.147.45 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
8    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
4    92.123.17.141 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-17-141.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
1    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
4    2606:4700:1::6813:844e (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
3    3.11.195.34 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
track.webgains.com
1    2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)
abs.twimg.com
34    2a04:4e42:41::159 (Vienna, Austria)

ASN54113 (FASTLY, US)
pbs.twimg.com
12    104.244.43.131 (United States)

ASN54113 (FASTLY, US)
abs-0.twimg.com
3    2.21.184.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-184-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    54.208.23.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-23-128.compute-1.amazonaws.com
sync.aniview.com
2    54.154.103.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-103-240.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
2    104.103.108.241 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-108-241.deploy.static.akamaitechnologies.com
video-ads.rubiconproject.com
2    18.158.81.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-81-117.eu-central-1.compute.amazonaws.com
optimized-by.rubiconproject.com
1    54.77.56.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-56-172.eu-west-1.compute.amazonaws.com
ice.360yield.com
2    99.84.88.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-32.muc50.r.cloudfront.net
analytics.webgains.io
1    18.66.147.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-95.fra60.r.cloudfront.net
cdn.track.production.webgains.team
1    2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
4    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
7    2.18.79.136 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-136.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    18.184.57.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-57-192.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
2    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    213.19.147.42 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
2    185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu
id5-sync.com
4    52.56.221.73 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
api.webgains.io
2    104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    184.51.8.30 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-8-30.deploy.static.akamaitechnologies.com
contextual.media.net
1    154.54.250.48 (United States)

ASN26558 (FREEWHEEL, US)
1f2e7.v.fwmrm.net
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
content.zeotap.com
1    52.30.61.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-61-76.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    173.194.76.155 (None, )

ASN- ()
bid.g.doubleclick.net
2    2a00:1450:400e:811::200a (None, )

ASN- ()
imasdk.googleapis.com
Apex Domain
Subdomains		 Transfer
184 publinews.gt
www.publinews.gt — Cisco Umbrella Rank: 283104
static.publinews.gt — Cisco Umbrella Rank: 331313
3 MB
69 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
ad.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 85
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293
bid.g.doubleclick.net
326 KB
53 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 112
b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 145
579 KB
47 twimg.com
abs.twimg.com — Cisco Umbrella Rank: 1791
pbs.twimg.com — Cisco Umbrella Rank: 703
abs-0.twimg.com — Cisco Umbrella Rank: 2150
399 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 30472
ad4m.at — Cisco Umbrella Rank: 2138
assets.ad4m.at — Cisco Umbrella Rank: 39315
2 MB
21 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 700
syndication.twitter.com — Cisco Umbrella Rank: 963
791 KB
20 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 10580
player.aniview.com — Cisco Umbrella Rank: 1720
track1.aniview.com — Cisco Umbrella Rank: 1917
go1.aniview.com — Cisco Umbrella Rank: 5038
sync.aniview.com — Cisco Umbrella Rank: 2438
252 KB
17 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 319
video-ads.rubiconproject.com — Cisco Umbrella Rank: 8293
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 4726
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 993
eus.rubiconproject.com — Cisco Umbrella Rank: 551
token.rubiconproject.com — Cisco Umbrella Rank: 686
22 KB
17 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 264
305 KB
16 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 6141
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
3 KB
15 emisorasunidas.com
ads.emisorasunidas.com
1 MB
14 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 7557
c.mgid.com — Cisco Umbrella Rank: 5185
cdn.mgid.com — Cisco Umbrella Rank: 9606
servicer.mgid.com — Cisco Umbrella Rank: 7656
s-img.mgid.com — Cisco Umbrella Rank: 4427
cm.mgid.com — Cisco Umbrella Rank: 2052
151 KB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
161 KB
11 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1269
at.teads.tv — Cisco Umbrella Rank: 4226
t.teads.tv — Cisco Umbrella Rank: 2460
sync.teads.tv — Cisco Umbrella Rank: 1059
139 KB
10 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 66
545 KB
9 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 515
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 430
8 KB
9 google.de
www.google.de — Cisco Umbrella Rank: 6487
adservice.google.de — Cisco Umbrella Rank: 9270
2 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 387
mug.criteo.com — Cisco Umbrella Rank: 2794
3 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 749
3 KB
8 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 606
ads.pubmatic.com — Cisco Umbrella Rank: 448
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 442
137 KB
7 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 681
7 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1254
s.amazon-adsystem.com — Cisco Umbrella Rank: 269
46 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
291 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 22472
api.webgains.io — Cisco Umbrella Rank: 58879
170 KB
6 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 43625
hal90002.redintelligence.net — Cisco Umbrella Rank: 261259
11 KB
5 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 879
ads.yahoo.com — Cisco Umbrella Rank: 2202
434 B
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 538
tag.1rx.io — Cisco Umbrella Rank: 1370
2 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 225
5 KB
5 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 19924
cdn.firstimpression.io — Cisco Umbrella Rank: 20075
202 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
ajax.googleapis.com — Cisco Umbrella Rank: 279
imasdk.googleapis.com
176 KB
4 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 117168
static-de.ad4mat.net — Cisco Umbrella Rank: 158244
8 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 336
919 B
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1167
id5-sync.com — Cisco Umbrella Rank: 471
15 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1082
contextual.media.net — Cisco Umbrella Rank: 534
9 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 670
ice.360yield.com — Cisco Umbrella Rank: 1968
968 B
3 webgains.com
track.webgains.com — Cisco Umbrella Rank: 48447
52 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16722
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 288
2 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 48437
2 KB
3 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 875
prg.smartadserver.com — Cisco Umbrella Rank: 1411
1 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 619
1 KB
3 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1259
1014 B
3 latinon.com
adserver.latinon.com — Cisco Umbrella Rank: 114837
7 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2648
890 B
2 adtriba.com
d.adtriba.com — Cisco Umbrella Rank: 61298
757 B
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1958
1 KB
2 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 47180
665 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1493
u.openx.net — Cisco Umbrella Rank: 655
655 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 614
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 736
2 KB
2 escalated.io
tag.escalated.io — Cisco Umbrella Rank: 26387
40 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1446
338 B
1 zeotap.com
content.zeotap.com — Cisco Umbrella Rank: 18590
19 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
707 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 2855
532 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1441
330 B
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 87033
654 B
1 zenaps.com
www.zenaps.com — Cisco Umbrella Rank: 21328
698 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 69717
85 KB
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 519
509 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 889
382 B
1 congstar.de
banner.congstar.de — Cisco Umbrella Rank: 83827
518 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2500
173 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1000
576 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 690
438 B
1 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 3267
378 B
1 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 97857
49 KB
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1517
296 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1015
464 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 872
476 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 384
10 KB
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1278
3 KB
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 23020
5 KB
1 mailchimp.com
cdn-images.mailchimp.com — Cisco Umbrella Rank: 5133
1 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
0 advertising.com Failed
sync.adaptv.advertising.com Failed
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
0 netmng.com Failed
google2waycm.netmng.com Failed
587 79
Domain Requested by
106 www.publinews.gt 71 redirects www.publinews.gt
78 static.publinews.gt www.publinews.gt
34 pbs.twimg.com syndication.twitter.com
platform.twitter.com
31 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
www.publinews.gt
26 pagead2.googlesyndication.com www.publinews.gt
pagead2.googlesyndication.com
b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
www.gstatic.com
securepubads.g.doubleclick.net
22 tpc.googlesyndication.com b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
18 securepubads.g.doubleclick.net www.publinews.gt
www.googletagservices.com
securepubads.g.doubleclick.net
17 s0.2mdn.net ads.emisorasunidas.com
www.publinews.gt
s0.2mdn.net
b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
17 platform.twitter.com www.publinews.gt
platform.twitter.com
syndication.twitter.com
15 ads.emisorasunidas.com www.publinews.gt
ads.emisorasunidas.com
12 abs-0.twimg.com syndication.twitter.com
platform.twitter.com
12 assets.ad4m.at as.ad4m.at
10 www.googletagmanager.com www.publinews.gt
www.googletagmanager.com
9 www.google.com www.publinews.gt
b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
8 onetag-sys.com 1 redirects player.aniview.com
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
8 track1.aniview.com www.publinews.gt
player.aniview.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
www.publinews.gt
googleads.g.doubleclick.net
player.aniview.com
8 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
7 ads.stickyadstv.com 3 redirects player.aniview.com
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
7 www.googletagservices.com www.publinews.gt
securepubads.g.doubleclick.net
b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 player.aniview.com tg1.aniview.com
player.aniview.com
6 www.google.de www.publinews.gt
6 fonts.gstatic.com fonts.googleapis.com
6 www.gstatic.com www.publinews.gt
googleads.g.doubleclick.net
5 pixel.rubiconproject.com 4 redirects
5 hal90002.redintelligence.net 1 redirects b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
hal90002.redintelligence.net
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
5 b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 a.teads.tv www.publinews.gt
a.teads.tv
4 token.rubiconproject.com 4 redirects
4 api.webgains.io analytics.webgains.io
4 mug.criteo.com www.publinews.gt
4 gum.criteo.com 2 redirects
4 c2shb.pubgw.yahoo.com player.aniview.com
4 sync.aniview.com player.aniview.com
4 s-img.mgid.com www.publinews.gt
4 t.teads.tv www.publinews.gt
4 syndication.twitter.com platform.twitter.com
www.publinews.gt
syndication.twitter.com
4 region1.analytics.google.com www.googletagmanager.com
3 s.amazon-adsystem.com 2 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 match.adsrvr.org ads.pubmatic.com
3 ads.pubmatic.com player.aniview.com
jsc.mgid.com
3 track.webgains.com as.ad4m.at
3 www.awin1.com 2 redirects as.ad4m.at
3 sync.1rx.io 3 redirects
3 x.bidswitch.net 3 redirects
3 image6.pubmatic.com googleads.g.doubleclick.net
b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
ads.pubmatic.com
3 pv.medialead.de 3 redirects
3 c.mgid.com jsc.mgid.com
www.publinews.gt
3 ap.lijit.com 2 redirects player.aniview.com
3 sync.tidaltv.com 3 redirects
3 cdn.firstimpression.io ecdn.firstimpression.io
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 adserver.latinon.com www.publinews.gt
adserver.latinon.com
2 imasdk.googleapis.com player.aniview.com
imasdk.googleapis.com
2 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
2 id5-sync.com cdn.id5-sync.com
ads.pubmatic.com
2 prg.smartadserver.com player.aniview.com
2 tag.1rx.io player.aniview.com
2 hbopenbid.pubmatic.com player.aniview.com
2 prebid.media.net player.aniview.com
2 prebid-server.rubiconproject.com player.aniview.com
2 cm.mgid.com jsc.mgid.com
2 analytics.webgains.io track.webgains.com
2 optimized-by.rubiconproject.com www.publinews.gt
2 video-ads.rubiconproject.com 2 redirects
2 ad.360yield.com 2 redirects
2 ads.avct.cloud 2 redirects
2 d.adtriba.com 1 redirects b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net www.publinews.gt
2 ssum-sec.casalemedia.com 2 redirects
2 e.dlx.addthis.com 2 redirects
2 pb.media01.eu hal90002.redintelligence.net
as.ad4m.at
2 cdn.mgid.com www.publinews.gt
2 static-de.ad4mat.net as.ad4m.at
2 c1.adform.net 2 redirects
2 pm.w55c.net 2 redirects
2 prod-rtb.ad4mat.net www.publinews.gt
2 tag.escalated.io ecdn.firstimpression.io
tag.escalated.io
2 ecdn.firstimpression.io www.publinews.gt
ecdn.firstimpression.io
2 jsc.mgid.com www.publinews.gt
jsc.mgid.com
2 fonts.googleapis.com www.publinews.gt
googleads.g.doubleclick.net
1 bid.g.doubleclick.net player.aniview.com
1 id.crwdcntrl.net ads.pubmatic.com
1 content.zeotap.com ads.pubmatic.com
1 px.ads.linkedin.com
1 ads.yahoo.com
1 1f2e7.v.fwmrm.net 1 redirects
1 contextual.media.net player.aniview.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.id5-sync.com jsc.mgid.com
1 www.conrad.de as.ad4m.at
1 www.zenaps.com 1 redirects
1 cdn.track.production.webgains.team as.ad4m.at
1 ice.360yield.com player.aniview.com
1 u.openx.net player.aniview.com
1 bh.contextweb.com 1 redirects
1 csync.loopme.me 1 redirects
1 abs.twimg.com platform.twitter.com
1 banner.congstar.de as.ad4m.at
1 sync.teads.tv b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
1 tr.blismedia.com b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 pixel.everesttech.net 1 redirects
1 ad-server.eu hal90002.redintelligence.net
1 ajax.googleapis.com hal90002.redintelligence.net
1 go1.aniview.com player.aniview.com
1 ag.innovid.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 servicer.mgid.com jsc.mgid.com
1 ssbsync.smartadserver.com b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
1 rtb.openx.net b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
1 hal9000.redintelligence.net b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
1 tg1.aniview.com adserver.latinon.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 c.amazon-adsystem.com ecdn.firstimpression.io
1 cdn.jsdelivr.net ecdn.firstimpression.io
1 widgets.outbrain.com www.publinews.gt
1 ad.doubleclick.net www.publinews.gt
1 at.teads.tv a.teads.tv
1 ecdn.analysis.fi www.publinews.gt
1 cdn-images.mailchimp.com www.publinews.gt
0 api.rlcdn.com Failed ads.pubmatic.com
0 sync.adaptv.advertising.com Failed b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
0 google2waycm.netmng.com Failed b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
587 133
Subject Issuer Validity Valid
www.publinews.gt
R3		 2022-06-24 -
2022-09-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
adserver.latinon.com
R3		 2022-07-21 -
2022-10-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
cdn-images.mailchimp.com
Amazon		 2022-07-06 -
2023-08-03		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
analysis.fi
Amazon		 2021-12-04 -
2023-01-01		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2021-11-21 -
2022-12-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
static.publinews.gt
R3		 2022-06-24 -
2022-09-22		 3 months crt.sh
ads.emisorasunidas.com
R3		 2022-08-21 -
2022-11-19		 3 months crt.sh
*.escalated.io
Go Daddy Secure Certificate Authority - G2		 2022-01-03 -
2023-02-04		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-08-16 -
2022-11-14		 3 months crt.sh
redintelligence.net
R3		 2022-08-02 -
2022-10-31		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-20 -
2023-05-21		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.360yield.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-08-08 -
2023-09-06		 a year crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh

This page contains 48 frames:

Primary Page: https://www.publinews.gt/gt/
Frame ID: 63ABE1A84CA669AD6461D4F3437777A0
Requests: 290 HTTP requests in this frame

Frame: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EF66B042914C6BA5191C0FD88D184D79
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html
Frame ID: 0FB537B13765CAE1D8DDF1A913A165EC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZ7Y6RZ-bIhqs3GDW1dE_j3ZNE3ZktpQ4fG8AoOv2GyCzJJ-i5gt8N1EAlDG0MZxqJSL9RQNbKP-6nnb8HRjUIxYPquw1nbT5-Dnc-ZgU4M6VE7zf7Ch2-vskPznr__mdkoccTeZxiGJCZEIRwjsZkj3wYKr6hoErtZuOF6_9yOvOev-EIvRhnxR79eAWDRS1xPbQ5ToGY73H-m31OrbU_y8WWdTnvM98YkHK9CpIl0HonmiFgGlQ76CajT-d5m094CZjE7XdNj0IlHDVdYGLkAayr6hfF9BELXArDyL-jW0x_fWQTwZmk3atyHtm0kzPkx0rSL5xeKyHohIGCJmdbRTrxFAwv&sai=AMfl-YRUEnUsRJHw4HPISBcz_gkhyhOe5JwoBUM0i1s6Gg_7xnfs2z_WcFkiDPhSbl4DFeQM-ordzJU6ut_U5zH8NCMTH8X6aGxd-J01twi_EJzdajWbOLgedXbbupaLJgp_Bg&sig=Cg0ArKJSzC1sXFa0URy6EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A312B0DF57BEC35C783BF5C274B52F4E
Requests: 6 HTTP requests in this frame

Frame: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Frame ID: 713B25964C225F24467F467F9E44C41C
Requests: 6 HTTP requests in this frame

Frame: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Frame ID: 90CA6D01A487BD380E1EF25837AED698
Requests: 6 HTTP requests in this frame

Frame: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Frame ID: 029591EA78D08571546C75F30925B4E1
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&adk=1812271804&adf=1573534164&lmt=1661962582&plat=2%3A16777216%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582246&bpp=4&bdt=605&idt=385&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&nras=1&correlator=7758249439997&frm=20&pv=2&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=398
Frame ID: 9D069138EBB6FBBED97EAF71FA59C173
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Frame ID: ADB5881F5B04A66980C527E7DE07EB25
Requests: 21 HTTP requests in this frame

Frame: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 229535862077A6176BD6B6F2E1312EF0
Requests: 13 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwww.publinews.gt
Frame ID: 30B1A9B2FB15501A71B9C38987A557B4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXRzBwmJfkTmy14Wy4dUm7-GVYubjbz9iVWeyITr1HW1s9o6a3kcFu5Ag73t2dQ7n8wwVaoKivh0X3Ls-ij1k0sYUcD6fit70MtgtTb0VK1gg9tZN-Dhm8FUt6NjEUvyK5GrxDT3nuWDto-kHoREV1D6LyxrzXX1zXUJxMa6EdixmJzWEY
Frame ID: D7D2DE170687F9C31EAAE60790D605FF
Requests: 5 HTTP requests in this frame

Frame: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 068186D9C758EA342244FDDFE1B78AB4
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gvyhcpkj2rxmc89tf0dqka9sk70jpp0n2skms53tqpya2zb3gz9jkb620bevjgp8b9pqzrd2mv1fkamg3kyxjskb3a0ex8p53xz5ejnwpe9bhmcen8b4vsfnxc8maj7e54ap06ff9f4vgj728vs6anpz2g3x8qcsrp685dp7r6e18zqfezxe1r43av39d9hszedxkzbbb7krppx9t7tms4kek7wbkrgee5sc0ybs8m0t4bfjjwxmdkj0k76px8v4q1t2set1s4jkjpz719yyvfsgmwy83q9agkx41702ptjstt195mbefh6311z9aw900qhchghn61m42neqd9v5bdya72w2r3e3p4th3zj53x7gxjzw9m5vbes4armv70fy49cawwyeaqt1nmsybwv67pjjxd6m5ar6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%26client%3Dca-pub-4922954394584665%26adurl%3D
Frame ID: B7848D1294AA16E7D88C317351D4E9B6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 02EA376B209FB4C104061B6DF3404AC6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6EFE60A1D84E454DFE90DC0A46CC5FDE
Requests: 3 HTTP requests in this frame

Frame: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 85EA21DC0FAC24F822822085504D16B1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYtY7FwwEwAQ&v=APEucNVIvcP4MraefIYEf0igkgpdw1E_eWWIzQsPb9JL0fONSM8d2NZsYmKlNWj7FXLE8_rtYgpuI2Yg3cDeba7dgbxSGim-irSoMHCu-SNLZM0EF6ENKFTIccDzVNLT6C8XsacNxHpA7oi8EwtIvyVXBdoht_d7ebz7C-sYuucIPtsaYs0FDGE
Frame ID: 41612C59A26F167093BF2A7C18DA1E72
Requests: 5 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Frame ID: 9C560A34AF269456BDCF7E59DC619FA2
Requests: 63 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A9618EC143CDF00607478F6696418F96
Requests: 1 HTTP requests in this frame

Frame: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 359B5076A9ACC83800B06990A5E4B7F7
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 371053AF44FBE1FB1EEB161E7CFB3B59
Requests: 9 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Frame ID: F4DFD974521C70BE1CB0DB618BC025EB
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2FDB1273AF8B5BAFA7BBF3F491C8D88E
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g0v40230c0n8d1564xeqdx28h7z65jw06mhnsbccs7hwzena23ft2p0mhtempw42sxmyrh3cnjkzbse9rq8rn2qda1rdsw9jdjrvw3ya09sd32h71aycevk8b9g11y55vx5f5qb62nbwx13y66q7p3w3b32ny1w74tq5jwcafvrk4015v33n6ct409ypbngvhf2sgns9q3g5bjadzcq975q4cj3qw9p4h12mqxqw4qs9qm0kzn182v62pk9thv37k01b8mbhbtcg5b97bkt7stgmpyjtwwrbeewsrrx084e88g5yzvt4a6fc4vk6706qdszm8cp5a0gsxqd8j67nsz7jr07ytve2g08s57cn73sacs356q4ws4wktm26262xj4srkessc2ww3hx2f1avrvf1d742skdq0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%26client%3Dca-pub-4922954394584665%26adurl%3D
Frame ID: BD179CA0244C3E2AE1B78CCFCE5D5E4B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AD89D1ACDD7D939F3FE126A6D7415E41
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=50921200115005400757589012068002&actionid=981741&produktid=&dt_url=
Frame ID: DE7BA70D2A6D0BC7432A9E1674A63130
Requests: 1 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=50921200115005400757589012068002&a=be0f3559
Frame ID: 7ECFEFAC2102892A595227BE3F65029B
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7739233682091568744/index.html
Frame ID: 87677427B6F7D89E61DC8AE4BA88693E
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 73DD277E46FCD30F1E302EC6FAB570E5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js
Frame ID: AF11F55470029AA6AE9C04F397553088
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C34817&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2Cr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhd&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CPxefBfbfG17F9HjHbtgCrD6tJS9TPM7Fp&c=300&d=600&e=&g=ea4d1e2242c4cccaa937fb57af9526dd%2F5045102898133266633&i=25174%2C20430%2C27788&j=16%2C21%2C22&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Frame ID: 087160EEE3A4A90BF90704AD06BFA25E
Requests: 14 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 14CB898071F3FC4AB38B107A30B7DBB8
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661962584249-915558184916-007205-002-006677%26biddername%3D18%26key%3D%24UID
Frame ID: 30E78A4CC51483C84849834BBEDADF79
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=200&key=OPTOUT
Frame ID: 58AA5D115584528A5D5871433D54CA99
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=22&key=6585fe84-1325-496b-b805-3da3a97c944c
Frame ID: CDD92BAE426781445FB1AA39BE4C7996
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=56&pid=59c9148628a0612da3689288&key=8054a25d-7ff0-4918-b275-d01f1afe9208
Frame ID: D8FA5F8D65F741567FC5B11335EE8185
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=10&pid=59c9148628a0612da3689288&key=Z6T4uN2keg3N&ev=1&us_privacy=${us_privacy}&pid=562704
Frame ID: E828B9FECFA241E835BAF3CC70523B2E
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661962584249-915558184916-007205-002-006677%26biddername%3D23%26key%3D
Frame ID: 81A9293877DEF908E0D424CCBAB57079
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C14044&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=8510404f2dc1b2020e3829f2b1854606%2F9244079190627054995&i=21596%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584354&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Frame ID: 16F5E0F211F066403484B83BE0EB1E7E
Requests: 14 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1661962585718206304159
Frame ID: DD2A170D71F823F349F04EFF9EBC5E5C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 83522CBD4F2837B345F5BFDE2E8129CF
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161774
Frame ID: 88DC43709B01E1F2EEDB9D21816B1234
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661962585736
Frame ID: E423F73C525E2B19E0EE1AD0656CD1D8
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK67P42&prvid=99%2C77%2C56%2C2034%2C2031%2C2030%2C175%2C157%2C2028%2C2027%2C4%2C159%2C10000%2C80%2C9%2C109%2C82%2C97&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: FC14A1D8DD233E8FA8590F5E10136BF1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3F86277FDAFED5406777C870FBCEA07B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B8934542A1A9802C7408AA83ADC538D2
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Frame ID: D482781F2D5554185FE5F6F9F4A0B2EA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Noticias, Deportes y Espectáculos de Guatemala y el Mundo | Publinews

Page URL History Show full URLs

  1. http://www.publinews.gt/ HTTP 301
    https://www.publinews.gt/ HTTP 301
    https://www.publinews.gt/gt/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • /flickity(?:\.pkgd)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn-images\.mailchimp\.com/[^>]*\.css
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

587
Requests

80 %
HTTPS

36 %
IPv6

79
Domains

133
Subdomains

102
IPs

10
Countries

10821 kB
Transfer

20134 kB
Size

103
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.publinews.gt/ HTTP 301
    https://www.publinews.gt/ HTTP 301
    https://www.publinews.gt/gt/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/svgpublinews.svg HTTP 301
  • https://static.publinews.gt/2020/06/svgpublinews.svg
Request Chain 89
  • https://www.publinews.gt/gt/wp-content/uploads/2020/10/previa-quinta-etapa-vuelta-ciclistica-a-guatemala-2020-publinews-1-300x300.png HTTP 301
  • https://static.publinews.gt/2020/10/previa-quinta-etapa-vuelta-ciclistica-a-guatemala-2020-publinews-1-300x300.png
Request Chain 90
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/manifestacion-en-contra-de-suspencion-de-los-estatutos-del-COG-3-300x168.jpg HTTP 301
  • https://static.publinews.gt/2022/08/manifestacion-en-contra-de-suspencion-de-los-estatutos-del-COG-3-300x168.jpg
Request Chain 99
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/accidente-de-transito-300x168.jpg HTTP 301
  • https://static.publinews.gt/2022/08/accidente-de-transito-300x168.jpg
Request Chain 100
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/accidente-de-transito-trailer-volcado-periferico-31-agosto-2022-pmt-300x168.jpg HTTP 301
  • https://static.publinews.gt/2022/08/accidente-de-transito-trailer-volcado-periferico-31-agosto-2022-pmt-300x168.jpg
Request Chain 101
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/nelson-carreras-publinews-300x168.jpg HTTP 301
  • https://static.publinews.gt/2022/08/nelson-carreras-publinews-300x168.jpg
Request Chain 102
  • https://www.publinews.gt/gt/wp-content/uploads/2021/09/hospital-san-juan-de-dios-pandemia-covid-19-coronavirus-guatemala-1-de-septiembre-2021-publinews-edwin-bercian-7-300x168.jpg HTTP 301
  • https://static.publinews.gt/2021/09/hospital-san-juan-de-dios-pandemia-covid-19-coronavirus-guatemala-1-de-septiembre-2021-publinews-edwin-bercian-7-300x168.jpg
Request Chain 103
  • https://www.publinews.gt/gt/wp-content/uploads/2022/07/laboratorio-movil-hisopados-pruebas-covid-19-coronavirus-guatemala-julio-2022-3-foto-ministerio-de-salud-187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/07/laboratorio-movil-hisopados-pruebas-covid-19-coronavirus-guatemala-julio-2022-3-foto-ministerio-de-salud-187x140.jpg
Request Chain 104
  • https://www.publinews.gt/gt/wp-content/uploads/2022/07/pruebas-covid-19-hisopados-plaza-constitucion-publinews5-187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/07/pruebas-covid-19-hisopados-plaza-constitucion-publinews5-187x140.jpg
Request Chain 105
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/corea-norte-reporta-4-posibles-nuevos-casos-covid-19-publinews-187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/08/corea-norte-reporta-4-posibles-nuevos-casos-covid-19-publinews-187x140.jpg
Request Chain 114
  • https://www.publinews.gt/gt/wp-content/uploads/2022/01/pacientes-en-el-hospital-roosevelt-en-guatemala-dan-positivo-a-pruebas-de-covid-19-pandemia-coronavirus-31-de-enero-de-2022-fotos-publinews-300x300.jpg HTTP 301
  • https://static.publinews.gt/2022/01/pacientes-en-el-hospital-roosevelt-en-guatemala-dan-positivo-a-pruebas-de-covid-19-pandemia-coronavirus-31-de-enero-de-2022-fotos-publinews-300x300.jpg
Request Chain 115
  • https://www.publinews.gt/gt/wp-content/uploads/2022/02/jornada-vacunacion-contra-la-covid-coronavirus-en-paseo-la-sexta-avenida-guatemala-zona-1-7-de-febrero-2022-foto-edwin-bercian-publinews-emisoras-unidas-4-300x300.jpg HTTP 301
  • https://static.publinews.gt/2022/02/jornada-vacunacion-contra-la-covid-coronavirus-en-paseo-la-sexta-avenida-guatemala-zona-1-7-de-febrero-2022-foto-edwin-bercian-publinews-emisoras-unidas-4-300x300.jpg
Request Chain 116
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/jeringa-vacuna-300x300.jpg HTTP 301
  • https://static.publinews.gt/2022/08/jeringa-vacuna-300x300.jpg
Request Chain 117
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Candidoilegalidades-300x168.jpg HTTP 301
  • https://static.publinews.gt/2022/08/Candidoilegalidades-300x168.jpg
Request Chain 118
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/omar-franco-extitular-sat-300x300.jpg HTTP 301
  • https://static.publinews.gt/2022/08/omar-franco-extitular-sat-300x300.jpg
Request Chain 119
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/inauguran-edificio-atencion-animal-santa-catarina-pinula-187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/08/inauguran-edificio-atencion-animal-santa-catarina-pinula-187x140.jpg
Request Chain 120
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/heart-intercambio-medicos-eeuu-guatemala-187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/08/heart-intercambio-medicos-eeuu-guatemala-187x140.jpg
Request Chain 129
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/centinelas-oracion-juventud-congreso-6-187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/08/centinelas-oracion-juventud-congreso-6-187x140.jpg
Request Chain 130
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/nina-muere-golpeada-granizo-tormenta-espana-publinews-300x168.jpeg HTTP 301
  • https://static.publinews.gt/2022/08/nina-muere-golpeada-granizo-tormenta-espana-publinews-300x168.jpeg
Request Chain 131
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/murio-expresidente-sovietico-mijail-gorbachov-publinews-187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/08/murio-expresidente-sovietico-mijail-gorbachov-publinews-187x140.jpg
Request Chain 132
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/murio-camilo-guevara-march-hijo-che-guevara-publinews-187x140.png HTTP 301
  • https://static.publinews.gt/2022/08/murio-camilo-guevara-march-hijo-che-guevara-publinews-187x140.png
Request Chain 133
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/murio-hombre-mas-solitario-mundo-amazonia-brasilena-publinews-187x140.png HTTP 301
  • https://static.publinews.gt/2022/08/murio-hombre-mas-solitario-mundo-amazonia-brasilena-publinews-187x140.png
Request Chain 134
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/soldado-ruso-que-muestra-el-cra%CC%81neo-de-un-ucraniano-300x300.jpg HTTP 301
  • https://static.publinews.gt/2022/08/soldado-ruso-que-muestra-el-cra%CC%81neo-de-un-ucraniano-300x300.jpg
Request Chain 137
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/aplazan-lanzamiento-mision-artemis-i-nasa-problema-motor-publinews-187x140.png HTTP 301
  • https://static.publinews.gt/2022/08/aplazan-lanzamiento-mision-artemis-i-nasa-problema-motor-publinews-187x140.png
Request Chain 138
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/debate-presidencial-bolsonaro-lula-187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/08/debate-presidencial-bolsonaro-lula-187x140.jpg
Request Chain 139
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/hillary-clinton-187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/08/hillary-clinton-187x140.jpg
Request Chain 140
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Al-menos-12-heridos-dejo%CC%81-un-accidente-en-una-montan%CC%83a-rusa-300x168.jpg HTTP 301
  • https://static.publinews.gt/2022/08/Al-menos-12-heridos-dejo%CC%81-un-accidente-en-una-montan%CC%83a-rusa-300x168.jpg
Request Chain 184
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-chechapaiz-150x150.jpg HTTP 301
  • https://static.publinews.gt/2020/06/opinion-chechapaiz-150x150.jpg
Request Chain 185
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-giovannifratti.jpg HTTP 301
  • https://static.publinews.gt/2020/06/opinion-giovannifratti.jpg
Request Chain 186
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-josesanabria.jpg HTTP 301
  • https://static.publinews.gt/2020/06/opinion-josesanabria.jpg
Request Chain 187
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-julissamartinez-150x150.jpg HTTP 301
  • https://static.publinews.gt/2020/06/opinion-julissamartinez-150x150.jpg
Request Chain 188
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-luisvalenzuela.jpg HTTP 301
  • https://static.publinews.gt/2020/06/opinion-luisvalenzuela.jpg
Request Chain 189
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-mariaace%C3%B1a.jpg HTTP 301
  • https://static.publinews.gt/2020/06/opinion-mariaace%C3%B1a.jpg
Request Chain 190
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-nelsonleal-150x150.jpg HTTP 301
  • https://static.publinews.gt/2020/06/opinion-nelsonleal-150x150.jpg
Request Chain 191
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-paolarivano.jpg HTTP 301
  • https://static.publinews.gt/2020/06/opinion-paolarivano.jpg
Request Chain 192
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/NIN%CC%83O-CREA-SU-PROPIO-A%CC%81LBUM-DEL-MUNDIAL-640x576.jpg HTTP 301
  • https://static.publinews.gt/2022/08/NIN%CC%83O-CREA-SU-PROPIO-A%CC%81LBUM-DEL-MUNDIAL-640x576.jpg
Request Chain 193
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/aparicio-lynner-414x232.jpg HTTP 301
  • https://static.publinews.gt/2022/08/aparicio-lynner-414x232.jpg
Request Chain 194
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/visita-de-infantino-a-Guatemala-1-414x232.jpeg HTTP 301
  • https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-414x232.jpeg
Request Chain 195
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/gianni-infantino-presidente-fifa-anima-guatemala-clasificar-mundial-publinews--414x232.jpg HTTP 301
  • https://static.publinews.gt/2022/08/gianni-infantino-presidente-fifa-anima-guatemala-clasificar-mundial-publinews--414x232.jpg
Request Chain 196
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/visita-de-infantino-a-Guatemala-1-640x640.jpeg HTTP 301
  • https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-640x640.jpeg
Request Chain 197
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/gianni-infantino-presidente-de-FIFA-visita-guatemala-publinews--414x232.jpg HTTP 301
  • https://static.publinews.gt/2022/08/gianni-infantino-presidente-de-FIFA-visita-guatemala-publinews--414x232.jpg
Request Chain 198
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/eugenio-derbez-comediante-300x168.jpg HTTP 301
  • https://static.publinews.gt/2022/08/eugenio-derbez-comediante-300x168.jpg
Request Chain 199
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Presentador-de-La-Academia-acciona-contra-mujer-que-lo-acusa-de-abuso-sexual-187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/08/Presentador-de-La-Academia-acciona-contra-mujer-que-lo-acusa-de-abuso-sexual-187x140.jpg
Request Chain 200
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/yailin-la-mas-viral-publinews-1-187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/08/yailin-la-mas-viral-publinews-1-187x140.jpg
Request Chain 201
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/georgina-rodriguez-publinews-1-1-187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/08/georgina-rodriguez-publinews-1-1-187x140.jpg
Request Chain 202
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Van-Gogh-Suen%CC%83o-Inmersivo-publinews-1-300x300.jpg HTTP 301
  • https://static.publinews.gt/2022/08/Van-Gogh-Suen%CC%83o-Inmersivo-publinews-1-300x300.jpg
Request Chain 203
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Cesia-y-Andre%CC%81s-187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/08/Cesia-y-Andre%CC%81s-187x140.jpg
Request Chain 204
  • https://www.publinews.gt/gt/wp-content/uploads/2019/12/24/eugenioderbezyal-03e2ad4f6af7ed3584aa69493660eb43-187x140.jpg HTTP 301
  • https://static.publinews.gt/2019/12/24/eugenioderbezyal-03e2ad4f6af7ed3584aa69493660eb43-187x140.jpg
Request Chain 205
  • https://www.publinews.gt/gt/wp-content/uploads/2018/01/17/ashleygrahamencienderedessexybailelenceria-cf27fce9cade7c55f7f799b5bdaf1214-187x140.jpg HTTP 301
  • https://static.publinews.gt/2018/01/17/ashleygrahamencienderedessexybailelenceria-cf27fce9cade7c55f7f799b5bdaf1214-187x140.jpg
Request Chain 206
  • https://www.publinews.gt/gt/wp-content/uploads/2017/08/23/laura-flores-300x168.jpg HTTP 301
  • https://static.publinews.gt/2017/08/23/laura-flores-300x168.jpg
Request Chain 207
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Clara-Chia-Marti-y-Gerard-Pique-414x232.jpg HTTP 301
  • https://static.publinews.gt/2022/08/Clara-Chia-Marti-y-Gerard-Pique-414x232.jpg
Request Chain 208
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Robert-Lupone-los-soprano-187x140.png HTTP 301
  • https://static.publinews.gt/2022/08/Robert-Lupone-los-soprano-187x140.png
Request Chain 209
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/eugenio-derbez-comediante-187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/08/eugenio-derbez-comediante-187x140.jpg
Request Chain 210
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/arturo-lopez-gavito-publinews-1-414x232.jpg HTTP 301
  • https://static.publinews.gt/2022/08/arturo-lopez-gavito-publinews-1-414x232.jpg
Request Chain 211
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/House-Of-the-Drago%CC%81n-publinews--187x140.png HTTP 301
  • https://static.publinews.gt/2022/08/House-Of-the-Drago%CC%81n-publinews--187x140.png
Request Chain 212
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/danna-paola-publinews--187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/08/danna-paola-publinews--187x140.jpg
Request Chain 213
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/PORTADA-PUBLINEWS-31-AGOSTO-2022.jpg HTTP 301
  • https://static.publinews.gt/2022/08/PORTADA-PUBLINEWS-31-AGOSTO-2022.jpg
Request Chain 214
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/espacio-ocupacional-restaurante-quetzaltenango-300x300.jpg HTTP 301
  • https://static.publinews.gt/2022/08/espacio-ocupacional-restaurante-quetzaltenango-300x300.jpg
Request Chain 215
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/El-Chavo-del-8-don-Ramo%CC%81n-y-la-Chilindrina-se-lucieron-con-un-gran-show.--300x168.png HTTP 301
  • https://static.publinews.gt/2022/08/El-Chavo-del-8-don-Ramo%CC%81n-y-la-Chilindrina-se-lucieron-con-un-gran-show.--300x168.png
Request Chain 216
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Reunio%CC%81n-escolar-termina-en-pelea-campal--187x140.png HTTP 301
  • https://static.publinews.gt/2022/08/Reunio%CC%81n-escolar-termina-en-pelea-campal--187x140.png
Request Chain 217
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Se-hace-viral-un-extran%CC%83o-animal-con-apariencia-de-perro-187x140.png HTTP 301
  • https://static.publinews.gt/2022/08/Se-hace-viral-un-extran%CC%83o-animal-con-apariencia-de-perro-187x140.png
Request Chain 218
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Maestra-reprueba-a-alumna-por-entregar-tarea-con-lenguaje-inclusivo22--187x140.jpg HTTP 301
  • https://static.publinews.gt/2022/08/Maestra-reprueba-a-alumna-por-entregar-tarea-con-lenguaje-inclusivo22--187x140.jpg
Request Chain 219
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Nin%CC%83a-de-2-an%CC%83os-mata-a-mordidas-a-una-serpiente-que-la-mordio%CC%81-primero-300x300.png HTTP 301
  • https://static.publinews.gt/2022/08/Nin%CC%83a-de-2-an%CC%83os-mata-a-mordidas-a-una-serpiente-que-la-mordio%CC%81-primero-300x300.png
Request Chain 220
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Conductor-impacto%CC%81-su-auto-contra-vivienda-y-llego%CC%81-hasta-la-cocina-300x300.jpg HTTP 301
  • https://static.publinews.gt/2022/08/Conductor-impacto%CC%81-su-auto-contra-vivienda-y-llego%CC%81-hasta-la-cocina-300x300.jpg
Request Chain 221
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/descubre-mcdonalandia-mcdonalds-zona-juegos-amenidades-naranjo-mall-publinews-1-300x300.jpeg HTTP 301
  • https://static.publinews.gt/2022/08/descubre-mcdonalandia-mcdonalds-zona-juegos-amenidades-naranjo-mall-publinews-1-300x300.jpeg
Request Chain 222
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/comex-llena-de-color-mirador-las-nubes-solola-emisoras-unidas-publinews-1-300x168.jpg HTTP 301
  • https://static.publinews.gt/2022/08/comex-llena-de-color-mirador-las-nubes-solola-emisoras-unidas-publinews-1-300x168.jpg
Request Chain 223
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/participa-la-ruta-al-bienestar-financiero-bam-museo-ferrocarril-guatemala-publinews-11-300x168.png HTTP 301
  • https://static.publinews.gt/2022/08/participa-la-ruta-al-bienestar-financiero-bam-museo-ferrocarril-guatemala-publinews-11-300x168.png
Request Chain 224
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/anuncian-la-decima-edicion-del-training-day-en-guatemala-publinews-emisoras-unidas-1-1-300x168.jpg HTTP 301
  • https://static.publinews.gt/2022/08/anuncian-la-decima-edicion-del-training-day-en-guatemala-publinews-emisoras-unidas-1-1-300x168.jpg
Request Chain 225
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/tarjetas-cuscatlan-presenta-multipuntos-nuevo-programa-lealtad-emisoras-unidas-publinews-3-300x168.jpg HTTP 301
  • https://static.publinews.gt/2022/08/tarjetas-cuscatlan-presenta-multipuntos-nuevo-programa-lealtad-emisoras-unidas-publinews-3-300x168.jpg
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBlwHZeid5Gxjcc26PRS-yU&google_cver=1
Request Chain 241
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yw.JV2VdAdTCKpuRnEKM-AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4lR5yZuGZjQULyilTr5rg&google_cver=1&google_hm=2
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEF3CPL3hy5q9qvBOlMqIiR4&google_cver=1
Request Chain 243
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Mzc5NTgyMTk5OTA1NzM0OQ%3D%3D
Request Chain 273
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKCYmF7dpLDkfyNhpNCq6GQ&google_cver=1&google_push=AehlK4D7ZlaNjzEpyoA3z7cg_RK8JrLRG0ExMyOrjLSDA35wiebIJB3tnlCIncLjGAdGxYUJWacSh-_Zh5o41NHB2vdkctr3e6Wz HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKCYmF7dpLDkfyNhpNCq6GQ&google_cver=1&google_push=AehlK4D7ZlaNjzEpyoA3z7cg_RK8JrLRG0ExMyOrjLSDA35wiebIJB3tnlCIncLjGAdGxYUJWacSh-_Zh5o41NHB2vdkctr3e6Wz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QldQMjl0QzgxT3Rxbzc1&google_gid=CAESEKCYmF7dpLDkfyNhpNCq6GQ&google_cver=1&google_push=AehlK4D7ZlaNjzEpyoA3z7cg_RK8JrLRG0ExMyOrjLSDA35wiebIJB3tnlCIncLjGAdGxYUJWacSh-_Zh5o41NHB2vdkctr3e6Wz
Request Chain 274
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEFXyDjgN9USbnevsIoq2PWo&google_cver=1&google_push=AehlK4A5CUSnCOT-Eg3Zf8imHoeDhfkfvASPvEHVN_R37bFF422wRe3VSEmOY2ftyPeGl4I5cxGxwL6VNMaeLaGnT6njv6wk9YQ HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEFXyDjgN9USbnevsIoq2PWo&google_cver=1&google_push=AehlK4A5CUSnCOT-Eg3Zf8imHoeDhfkfvASPvEHVN_R37bFF422wRe3VSEmOY2ftyPeGl4I5cxGxwL6VNMaeLaGnT6njv6wk9YQ&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=CLkWK5PsTXqknZk9LTBYEw&gdpr=1&gdpr_consent=
Request Chain 275
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBcSkvxAYmyc320V5-3Cweg&google_cver=1&google_push=AehlK4BeredGkMKic0SPPzdWOysaEheP8eeXBhNiUXCY_Eu7Q1WSYRnmARg0MB34cMR-mihBLFwnJPIYx5IsHFReApCZ9Xyxq1M HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBcSkvxAYmyc320V5-3Cweg&google_cver=1&google_push=AehlK4BeredGkMKic0SPPzdWOysaEheP8eeXBhNiUXCY_Eu7Q1WSYRnmARg0MB34cMR-mihBLFwnJPIYx5IsHFReApCZ9Xyxq1M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY0NTAxODIyMjg4MjU3OTU5Mg&google_push=AehlK4BeredGkMKic0SPPzdWOysaEheP8eeXBhNiUXCY_Eu7Q1WSYRnmARg0MB34cMR-mihBLFwnJPIYx5IsHFReApCZ9Xyxq1M
Request Chain 277
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDVoYlOxbN9BZq3uC9giKdM&google_cver=1&google_push=AehlK4CrZMj4kduqtcAumrCE_jyH6fz0pglGVmrxM4MbCqqruALf8HjdtKNQH1IExzIKFJIpYPCUoCuVvFjPgcjSXLiPZh0hWuZV HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDVoYlOxbN9BZq3uC9giKdM&google_cver=1&google_push=AehlK4CrZMj4kduqtcAumrCE_jyH6fz0pglGVmrxM4MbCqqruALf8HjdtKNQH1IExzIKFJIpYPCUoCuVvFjPgcjSXLiPZh0hWuZV&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4CrZMj4kduqtcAumrCE_jyH6fz0pglGVmrxM4MbCqqruALf8HjdtKNQH1IExzIKFJIpYPCUoCuVvFjPgcjSXLiPZh0hWuZV&google_hm=FPRwuGZHrS58B9CrSf-mfroY
Request Chain 289
  • https://hal90002.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=9e402249d7&subid=&uid=9aea150153057ab1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUonQVokPY77iEo2ygAe1qaTYDt2t6Khgu4_f1IgK8C4QASDm3vh9YJXikIKgB8gBCakCojANkwrIsD6oAwGqBJgCT9CjDcVg09uQqBv4xvk__UTVPHL5pvCx8Jh_RBUpdav5qv3geswrlq1zXNj221bVb8Nnu-UZ8r-o57v7OZvWVBGH-mSNhpssd5TPA7RduPefg9RkxgTcUomqHUH-vnAy_UVDTpndYsvEBuG7PE1_JBkxjwpNOyQQrMSj-oetxCJdxCF6kojhKzY3D1Cts2B6QO4nxde1wR0e7BqHiINoeV1tpaYFnW4Iw3IhOeDCQ33AFgoRWs48vmx7eHxIcE9JvDHjMnh47_onFnv3Z-920QWh1pLGJ4tHLuPPk9lkg_cFOTDgT-tQwFaUsTjf10bxulFE86nnqmDlFzkGIdR4J7gr81yJZwmuUNzMdolSYwjR-d359R0_ecAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORo1ZdXs_-CgFo2R_bb0sZPRHXa9aAQzmxP-9QWQw2TFSstvOX_I8s%26sig%3DAOD64_3w8Fteqf3Xc3Y9hxTlIq2J8z7Ang%26client%3Dca-pub-4922954394584665%26dbm_c%3DAKAmf-BNLtYooUwo1UjHCmPwdjQiWfUzsiVGRrL2Q8tMA82WdIZnSWN_c4z2BnZM21CahHU1tNt_dEsfanf9pSEgbtQGgpdb_iFuxQdnC0ehlYvTHuTEXSW8c_dlPVXdQgN3CREPNtwjM8iYC4a2PhJD0bRqdXg8sw%26cry%3D1%26dbm_d%3DAKAmf-BId5PRRG_ZdeUGgYE-LgxEKYI9bnnmTI2xGTw2b_ixDx3smJUx6uA4CEXlu5B2gu5OsYEfy-eO-w5LdR0aMGOowE9uK9PYUsI_iafZUMVE-S4BT4fxutHhxvwNKK65pa0UYdm_GRH6nGjBKyLZf3_AEmAGrhNE2SKTRFprnDEfct692AGAb28dewSba-qb4glRw-g0eXfq75n0UvN33OBhMXqXTE_Bqdn5ol8bsOfo0usFefMx___NX-iLDiuVUCDMHP9Vw_9ZUnaTEMFBA0pLUU3OKnjXldsE17TTZEQq1bsN5BwQhKZcg-bfSEsyP8eShcan2NJ3Tj62tDiZx1fLWba9lqx2lZHL_x_GQ1Le6dpdIXIxK4Mid4Ntr1WVrKO9bg_VoDUosVevn7biBrVwrq_xQqveYiP6Yfe0GKqQ95lezd7kpPilMOP2fTruLonCCtY4cvNtQUQ8Mirf23omHc2WDt_l_VQiLrhLllufDB-nEidd2A1Bnmq2BKu5jeLjvw4SQNFk1W2bPffkjpIZwc9Oew%26adurl%3D&documentReferer=https%3A%2F%2Fwww.publinews.gt%2F&ancestorOrigins=https%3A%2F%2Fwww.publinews.gt&random=9769128962088&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90002.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=9e402249d7&subid=&uid=9aea150153057ab1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUonQVokPY77iEo2ygAe1qaTYDt2t6Khgu4_f1IgK8C4QASDm3vh9YJXikIKgB8gBCakCojANkwrIsD6oAwGqBJgCT9CjDcVg09uQqBv4xvk__UTVPHL5pvCx8Jh_RBUpdav5qv3geswrlq1zXNj221bVb8Nnu-UZ8r-o57v7OZvWVBGH-mSNhpssd5TPA7RduPefg9RkxgTcUomqHUH-vnAy_UVDTpndYsvEBuG7PE1_JBkxjwpNOyQQrMSj-oetxCJdxCF6kojhKzY3D1Cts2B6QO4nxde1wR0e7BqHiINoeV1tpaYFnW4Iw3IhOeDCQ33AFgoRWs48vmx7eHxIcE9JvDHjMnh47_onFnv3Z-920QWh1pLGJ4tHLuPPk9lkg_cFOTDgT-tQwFaUsTjf10bxulFE86nnqmDlFzkGIdR4J7gr81yJZwmuUNzMdolSYwjR-d359R0_ecAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORo1ZdXs_-CgFo2R_bb0sZPRHXa9aAQzmxP-9QWQw2TFSstvOX_I8s%26sig%3DAOD64_3w8Fteqf3Xc3Y9hxTlIq2J8z7Ang%26client%3Dca-pub-4922954394584665%26dbm_c%3DAKAmf-BNLtYooUwo1UjHCmPwdjQiWfUzsiVGRrL2Q8tMA82WdIZnSWN_c4z2BnZM21CahHU1tNt_dEsfanf9pSEgbtQGgpdb_iFuxQdnC0ehlYvTHuTEXSW8c_dlPVXdQgN3CREPNtwjM8iYC4a2PhJD0bRqdXg8sw%26cry%3D1%26dbm_d%3DAKAmf-BId5PRRG_ZdeUGgYE-LgxEKYI9bnnmTI2xGTw2b_ixDx3smJUx6uA4CEXlu5B2gu5OsYEfy-eO-w5LdR0aMGOowE9uK9PYUsI_iafZUMVE-S4BT4fxutHhxvwNKK65pa0UYdm_GRH6nGjBKyLZf3_AEmAGrhNE2SKTRFprnDEfct692AGAb28dewSba-qb4glRw-g0eXfq75n0UvN33OBhMXqXTE_Bqdn5ol8bsOfo0usFefMx___NX-iLDiuVUCDMHP9Vw_9ZUnaTEMFBA0pLUU3OKnjXldsE17TTZEQq1bsN5BwQhKZcg-bfSEsyP8eShcan2NJ3Tj62tDiZx1fLWba9lqx2lZHL_x_GQ1Le6dpdIXIxK4Mid4Ntr1WVrKO9bg_VoDUosVevn7biBrVwrq_xQqveYiP6Yfe0GKqQ95lezd7kpPilMOP2fTruLonCCtY4cvNtQUQ8Mirf23omHc2WDt_l_VQiLrhLllufDB-nEidd2A1Bnmq2BKu5jeLjvw4SQNFk1W2bPffkjpIZwc9Oew%26adurl%3D&documentReferer=https%3A%2F%2Fwww.publinews.gt%2F&ancestorOrigins=https%3A%2F%2Fwww.publinews.gt&random=9769128962088&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4lR5yZuGZjQULyilTr5rg&google_cver=1
Request Chain 298
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yw.JV2VdAdTCKpuRnEKM-AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4lR5yZuGZjQULyilTr5rg&google_cver=1&google_hm=2
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEN_5Wqu3FT5vusPpgxQ0xRM&google_cver=1
Request Chain 300
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Mzc5NTgyMTk5OTA1NzM0OQ%3D%3D
Request Chain 325
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873e8585f37a737853a?subid=50921200115005400757589012068002&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=50921200115005400757589012068002&actionid=981741&produktid=&dt_url=
Request Chain 331
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4Ab1lLGepcqR2ke74nZqfKmpY3fRPk8WbLxdkkEZjaTO0IvCUtx2kgoDbA0YhY7Ou2U3bEq4LAtqZ12a80kprMNipcnhgI&google_gid=CAESEPz7E7rBwseHUH0YSMgSjWE&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4Ab1lLGepcqR2ke74nZqfKmpY3fRPk8WbLxdkkEZjaTO0IvCUtx2kgoDbA0YhY7Ou2U3bEq4LAtqZ12a80kprMNipcnhgI&google_gid=CAESEPz7E7rBwseHUH0YSMgSjWE&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MzExNjE2MjQwMDA5NDgwODY0MTA2Ng%3D%3D&google_push=AehlK4Ab1lLGepcqR2ke74nZqfKmpY3fRPk8WbLxdkkEZjaTO0IvCUtx2kgoDbA0YhY7Ou2U3bEq4LAtqZ12a80kprMNipcnhgI
Request Chain 333
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELep0oPrCbym58w7RggwKBU&google_cver=1&google_push=AehlK4B0m5Hg1UrCYkk-bfDUznTSHVjhYWLVL5yo9Eua3IQ9DCg8weFhEJV8xQAQ_f7rXW7or3upKlpSXP2VkcvSI-iESLEypgU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVE0wWVItMVctOElOVQ==&google_push=AehlK4B0m5Hg1UrCYkk-bfDUznTSHVjhYWLVL5yo9Eua3IQ9DCg8weFhEJV8xQAQ_f7rXW7or3upKlpSXP2VkcvSI-iESLEypgU
Request Chain 334
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFXBx1nPUboS6h0L4h-aXhY&google_cver=1&google_push=AehlK4AJW_WprqGyS61w-gi8K0_ASe4HBj8N-eD0Rdfdc0rzt1e03IwrM5VTUZo-W7O4RUGMeJglc4YlWl-UJWWzjobFVXsUfBw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFXBx1nPUboS6h0L4h-aXhY&google_hm=Yw-JV2VdAdTCKpuRnEKM_AAABLEAAAIB&google_nid=index&google_push=AehlK4AJW_WprqGyS61w-gi8K0_ASe4HBj8N-eD0Rdfdc0rzt1e03IwrM5VTUZo-W7O4RUGMeJglc4YlWl-UJWWzjobFVXsUfBw
Request Chain 343
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033546&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 363
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873e8585f37a737853a?subid=50921200115005400757589012068002 HTTP 302
  • https://ad-server.eu/wm/pb/Depot/pb_Depot_300x250.gif
Request Chain 364
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4CYq9YBvOG_XqTaVCUTeR8pH57HjoJkawdeAZguZknhqydtmjpoxwx5-c7YoDozCHSht01OYAitsNVhXPnjaLuoXBdz_-PzPg&google_gid=CAESELS3M_UGoTPEm2h4M4lw-ec&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdASldBQUFBVjFITDFpMQ&google_push=AehlK4CYq9YBvOG_XqTaVCUTeR8pH57HjoJkawdeAZguZknhqydtmjpoxwx5-c7YoDozCHSht01OYAitsNVhXPnjaLuoXBdz_-PzPg
Request Chain 365
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIUFbLn1da8Z6FD6-WRGiyo&google_cver=1&google_push=AehlK4DofEj3g_6bgXwvemHf5ZrfxHhGqGlN7Ccy_hW5ZwRvMzZBagTd82qDadDczIwpVxusc5OlGJXqQgVzewyLe8UrqhRnzi1R HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIUFbLn1da8Z6FD6-WRGiyo&google_cver=1&google_push=AehlK4DofEj3g_6bgXwvemHf5ZrfxHhGqGlN7Ccy_hW5ZwRvMzZBagTd82qDadDczIwpVxusc5OlGJXqQgVzewyLe8UrqhRnzi1R HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=6be379e6-f32c-4af3-8ea1-21ff24ddc501&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4DofEj3g_6bgXwvemHf5ZrfxHhGqGlN7Ccy_hW5ZwRvMzZBagTd82qDadDczIwpVxusc5OlGJXqQgVzewyLe8UrqhRnzi1R&google_hm=VE5DhysXTHmNYeGINsiiBQ==
Request Chain 369
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL6eEaaNObWOGVsOcsdtuoU&google_cver=1&google_push=AehlK4ClOrEVMYfbFLbObKFbJTofrwR6DWFmng1RzZxMtpXs8XL0rnskn4eZALidO9NYOmeyUQ1dtJLTZtor9_-vKOMdA2auYth5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4ClOrEVMYfbFLbObKFbJTofrwR6DWFmng1RzZxMtpXs8XL0rnskn4eZALidO9NYOmeyUQ1dtJLTZtor9_-vKOMdA2auYth5
Request Chain 370
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJFx_kvZ6Ji8N5MN8wTuaWY&google_cver=1&google_push=AehlK4DjZVxeCXN6Xz4HOs-6KHypXLuSyl_Rn45uuiQhCw9sDx8iSfEDdJ57foUkfQwLXT93qKSDLOJRFIcLPYkB_M3wS7Xkyg_7ug HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4DjZVxeCXN6Xz4HOs-6KHypXLuSyl_Rn45uuiQhCw9sDx8iSfEDdJ57foUkfQwLXT93qKSDLOJRFIcLPYkB_M3wS7Xkyg_7ug&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1661962584051 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8df3ac68-2224-4add-a78f-e992acbeb876-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4DjZVxeCXN6Xz4HOs-6KHypXLuSyl_Rn45uuiQhCw9sDx8iSfEDdJ57foUkfQwLXT93qKSDLOJRFIcLPYkB_M3wS7Xkyg_7ug%26google_hm%3DA43zrGgiJErdp4_pkqy-uHY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DjZVxeCXN6Xz4HOs-6KHypXLuSyl_Rn45uuiQhCw9sDx8iSfEDdJ57foUkfQwLXT93qKSDLOJRFIcLPYkB_M3wS7Xkyg_7ug&google_hm=A43zrGgiJErdp4_pkqy-uHY
Request Chain 383
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEELsrgoAJ5WjBMF65phI_Ps&google_cver=1&google_push=AehlK4AKe1CpSEVZx5xTQmdlW0DAYSr52AsxdFouxEK1P9A90k9sygBePgfqLKKkfxOQKqoVPUgz79DqN64nVYl1snwG7XXLTw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=CLkWK5PsTXqknZk9LTBYEw&gdpr=1&gdpr_consent=
Request Chain 385
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELep0oPrCbym58w7RggwKBU&google_cver=1&google_push=AehlK4CsEEnk8N6rV-Sflh22YC_tfQ9CIlUzaJTSPZZA8kOCR-9P1zXCbx9vPTuAljz9uOMSvxVjA_lFGAD6yNkPg-OeSYEZqQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVE0xMkwtMUEtOVFNRA==&google_push=AehlK4CsEEnk8N6rV-Sflh22YC_tfQ9CIlUzaJTSPZZA8kOCR-9P1zXCbx9vPTuAljz9uOMSvxVjA_lFGAD6yNkPg-OeSYEZqQ
Request Chain 386
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFXBx1nPUboS6h0L4h-aXhY&google_cver=1&google_push=AehlK4ACMYZyyMFGzRugtamn7S1nrd-QfRUZz0DDf3lDUCj_elaEU32nrwhIrj-mm95s2TxPzUYGeoE5Vf6I77zF0is-qZ5RQ8E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFXBx1nPUboS6h0L4h-aXhY&google_hm=Yw-JV2VdAdTCKpuRnEKM_AAABLEAAAIB&google_nid=index&google_push=AehlK4ACMYZyyMFGzRugtamn7S1nrd-QfRUZz0DDf3lDUCj_elaEU32nrwhIrj-mm95s2TxPzUYGeoE5Vf6I77zF0is-qZ5RQ8E
Request Chain 387
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBMN_2Q9KvNyo1P4CtNH0WA&google_cver=1&google_push=AehlK4CWvCPzzO_NMqknPP_J8UCMF5C8w3xjZK_aFpMg7DAQUe49jp67bYixWX8U4Rx40ERi-puuuukaZDCnMPcI_x5pgX2Vag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CWvCPzzO_NMqknPP_J8UCMF5C8w3xjZK_aFpMg7DAQUe49jp67bYixWX8U4Rx40ERi-puuuukaZDCnMPcI_x5pgX2Vag
Request Chain 399
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidGjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tEoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1661962584_42619930-2948-11ed-96ab-2230957fd0f4
Request Chain 404
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7a748752d73036483?t=htlp&subid=oneidr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhdoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhdoneid__dc_reach_suite02wkz&actionid=981741&produktid=&dt_url=
Request Chain 445
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661962584249-915558184916-007205-002-006677%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=200&key=OPTOUT
Request Chain 446
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661962584249-915558184916-007205-002-006677%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661962584249-915558184916-007205-002-006677%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=22&key=6585fe84-1325-496b-b805-3da3a97c944c
Request Chain 447
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661962584249-915558184916-007205-002-006677%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=56&pid=59c9148628a0612da3689288&key=8054a25d-7ff0-4918-b275-d01f1afe9208
Request Chain 448
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661962584249-915558184916-007205-002-006677%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=10&pid=59c9148628a0612da3689288&key=Z6T4uN2keg3N&ev=1&us_privacy=${us_privacy}&pid=562704
Request Chain 454
  • https://video-ads.rubiconproject.com/video/12948/312596/1590248/201/vast.xml?tg_c.language=es&rp_schain=1.0,1!latinon.com,2087,1,,, HTTP 302
  • https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=28529542.232179
Request Chain 484
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=42d01270-2948-11ed-b38a-2238c37626e7&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1661962585_42d01270-2948-11ed-b38a-2238c37626e7&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 543
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.publinews.gt%2F&domain=www.publinews.gt&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=8hBLlnxJelJSRGJoMkxEaWxVazRMdmUvc0tLczNtL2c3aW43UVFkQVZYaWlnaFRDSXMyTUZ1eHpyS1pwRmJ6aklHVlFVbFYrNVhOc21hM29lTWFDSnBnZ2JpNktjV1ppVnBicFVHU3VOdTBzc2N5aHBBbVRIbENLZHZUSEZkSVk3OTVwc2hBYTNZczMybytMeHgrL2t4M2REWXJ0N0xtVWt5UG1OektFSDRaTDJKdFZDTnJqMG5oMHl6bDAyOEtBNUV4VGp5c2o5dktJSXE0RC92QnpxY2xTZEhOM01QWTF5clkyVGx2RGl6TW5PNVhLaS9nM3J4UjJHKzZSbHFjN2xzTHhFfA&cppv=2
Request Chain 555
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e5641b54d98a99bf9c6a46754b9ffa4b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=pc026_7138074954046140882&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZTU2NDFiNTRkOThhOTliZjljNmE0Njc1NGI5ZmZhNGI=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESECzdv0smHsw9cv0YfZ1dzOI&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 562
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjg5OWM5ZTFiOTFjOWU3ODhjODg3NTNhZmU0YzVhMWJlYTc1N2VkYQ
Request Chain 563
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEABp5B-1YWqH9U2Q7v7IZfk&google_cver=1
Request Chain 564
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oOiy2LQ-TEGfFvQ64PLZaQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oOiy2LQ-TEGfFvQ64PLZaQ
Request Chain 565
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MgON9DKeQSqbwbo8Q_5oeg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MgON9DKeQSqbwbo8Q_5oeg
Request Chain 566
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7HTM22U-1-77HF&sigv=1&esig=2~75cbcc58016582a9c649c195531eb02968776152
Request Chain 568
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7HTM22U-1-77HF
Request Chain 569
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVE0yMlUtMS03N0hG
Request Chain 576
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.publinews.gt%2F&domain=www.publinews.gt&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=CFPKEHxrbFhMRUZSNnAwUnVXdHJKTDFrYlA0OUkrcnR4ekxFZTVXSWt6U1k4Y1ZuOE40eU82Q014RnBackY3bm8rUURzSCt0Nnp2YVkzOFRncDZJR3JyRHdDVjM5L2RZQTdYMGs5M3A0T1NIL2paNmN3U1BrTGYvOHdwcE4rVjJHZkpXNDFOckwvcXMwZk52RERjOG1uR3VJd2lNcmFBTDRLYVZVS0RPNHREVFZHNXRQTUNNS1hPT0w0eTVjeXlVVnRMS3ZFR0k5TUhVN1lXeGhVelNpdkN5cVNWZ1ZXRi9DbTJYV2VjZTlVbmJEaXV1SmJWbTJ2ZjZDMUJsQi8rMkxxeFplfA&cppv=2
Request Chain 584
  • https://video-ads.rubiconproject.com/video/12948/312596/1590248/201/vast.xml?tg_c.language=es&rp_schain=1.0,1!latinon.com,2087,1,,, HTTP 302
  • https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=28529542.232179

587 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.publinews.gt/gt/
Redirect Chain
  • http://www.publinews.gt/
  • https://www.publinews.gt/
  • https://www.publinews.gt/gt/
344 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
fa4470ff4433a827ba93440ea139a17856632417c757641e2c243377f338271b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
52508
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Aug 2022 16:16:21 GMT
Link
<https://www.publinews.gt/gt/wp-json/>; rel="https://api.w.org/" <https://www.publinews.gt/gt/wp-json/wp/v2/pages/1286779>; rel="alternate"; type="application/json" <https://www.publinews.gt/gt/>; rel=shortlink
Server
nginx/1.20.1
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Aug 2022 16:16:19 GMT
Location
https://www.publinews.gt/gt/
Server
nginx/1.20.1
X-Redirect-By
WordPress
X-XSS-Protection
1; mode=block
style.min.css
www.publinews.gt/gt/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:17:26 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10523
X-XSS-Protection
1; mode=block
extendify-utilities.css
www.publinews.gt/gt/wp-content/plugins/redux-framework/redux-core/extendify-sdk/public/build/ 		49 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/redux-framework/redux-core/extendify-sdk/public/build/extendify-utilities.css?ver=13.4
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
12eb11b49335fcd72288d5dc1aacfc8e3b75597ecda77971f873a05babe613de
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:18:52 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5360
X-XSS-Protection
1; mode=block
simple-line-icons.css
www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/simple-line-icons.css?ver=1.3.3
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
f293486948d4cba26c6b835bdd574b4085e62da749b86019f5f6fab3535b0e39
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:18:36 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2363
X-XSS-Protection
1; mode=block
style.css
www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/css/style.css?ver=1.3.3
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
4bc4b508bb0ccc41052f6a18eb23441543da2d209c152f62577e954367b4d62d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:18:36 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2892
X-XSS-Protection
1; mode=block
svgs-attachment.css
www.publinews.gt/gt/wp-content/plugins/svg-support/css/ 		68 B
315 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/svg-support/css/svgs-attachment.css?ver=5.8.2
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
5533874c2b0145642ca304f110240fcdb05253df388c2f7b97c053ad5eb69b65
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Last-Modified
Thu, 16 Dec 2021 03:19:00 GMT
Server
nginx/1.20.1
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68
X-XSS-Protection
1; mode=block
sps_front_style.css
www.publinews.gt/gt/wp-content/plugins/sync-post-with-other-site/assets/css/ 		0
246 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/sync-post-with-other-site/assets/css/sps_front_style.css?rand=801&ver=1.3.1
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Last-Modified
Thu, 16 Dec 2021 03:19:01 GMT
Server
nginx/1.20.1
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
X-XSS-Protection
1; mode=block
left-thumbs.min.css
www.publinews.gt/gt/wp-content/plugins/top-10/css/ 		1 KB
748 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/top-10/css/left-thumbs.min.css?ver=1.0.1
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
7e7f4f5cdb2a02c8f4b6d8e6f4ca3b1f18d635d55e5d4b9b1106e79f0f583fde
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:19:03 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
453
X-XSS-Protection
1; mode=block
style.css
www.publinews.gt/gt/wp-content/themes/herald/ 		315 B
519 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/themes/herald/style.css?ver=5.8.2
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
a74074f055c3667b9955b17856ae4908888121a89d494732067ea924ca1a33d7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Jul 2021 21:08:32 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
224
X-XSS-Protection
1; mode=block
style.css
www.publinews.gt/gt/wp-content/themes/herald-child/ 		169 B
422 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/themes/herald-child/style.css?ver=5.8.2
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
0bd39d4aa299fec073c89d8410eba716cd0e30eadcc3fb790e97f0b32f52c014
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 05:55:42 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
127
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A400%2C700%2C600&subset=latin%2Clatin-ext&ver=2.3.1
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f40b287808addc4f3d91a36b2e0b25ca9aa1f1cce7d8611fcd2d924295bf0c4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 16:16:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 31 Aug 2022 16:16:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Aug 2022 16:16:21 GMT
min.css
www.publinews.gt/gt/wp-content/themes/herald/assets/css/ 		233 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/themes/herald/assets/css/min.css?ver=2.3.1
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
1cf6bc39bed40dc5c00a863f08034028aa0289860a8491a5345f35f587e79d0c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Jul 2021 21:09:18 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38122
X-XSS-Protection
1; mode=block
style.css
www.publinews.gt/gt/wp-content/plugins/meks-easy-ads-widget/css/ 		705 B
588 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/meks-easy-ads-widget/css/style.css?ver=2.0.5
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
4b0e2c1c8e6d92b9083cd952cea6a065485827df78fae548752352da136c3540
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:18:29 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
293
X-XSS-Protection
1; mode=block
main.css
www.publinews.gt/gt/wp-content/plugins/meks-easy-social-share/assets/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/meks-easy-social-share/assets/css/main.css?ver=1.2.6
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
d3592fbffec7c4245f008ef25e57005968575ebb3a6db25cd0b14a261cd0b8ff
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:18:34 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1747
X-XSS-Protection
1; mode=block
wp-review.css
www.publinews.gt/gt/wp-content/plugins/wp-review/public/css/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/wp-review/public/css/wp-review.css?ver=5.3.5
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
438ff3af395513310c69d935eb8c6e521312075673d2fdf0e82a7ad2d3037152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:19:11 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5976
X-XSS-Protection
1; mode=block
jquery.min.js
www.publinews.gt/gt/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:17:26 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30908
X-XSS-Protection
1; mode=block
jquery-migrate.min.js
www.publinews.gt/gt/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:17:26 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4169
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		208 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5QX73SF3RL
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
731d1277c50de0269f87ab5bdc413fc0cfab4c58b386235e6c34900f8df1d3ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75466
x-xss-protection
0
expires
Wed, 31 Aug 2022 16:16:21 GMT
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-53456215-1
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf17b845d3d0a835545d962a4782db1647dbcac4475339cc5430d84c57570e46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41918
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Aug 2022 16:16:21 GMT
js
www.googletagmanager.com/gtag/ 		202 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1JWRY3SKE9
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
625723aeb0567e38b4bf8dca523a95d8bb2b3131f808bec3dd529990f30b0156
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73612
x-xss-protection
0
expires
Wed, 31 Aug 2022 16:16:21 GMT
tag
a.teads.tv/page/82680/ 		1 KB
706 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/82680/tag
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
947d33645c199a25fb14bedb5cf80a48a61f8558747bd0f4958fb8217f48547e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:21 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
506
expires
Wed, 31 Aug 2022 17:16:21 GMT
tag.js
a.teads.tv/analytics/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f70a708909ea0e41d9ff70cc101e8ca4a5391ffb134ce3a98b0f5e42d7cb72b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
MY2axGObrvZwSiP12Z8xf0lYd1yv3MC2
content-encoding
br
last-modified
Mon, 22 Aug 2022 09:28:26 GMT
x-amz-request-id
YDCNYN0M0MRMJGNM
etag
"b86fb801339e9f7d8ee05180f9a8320b"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
date
Wed, 31 Aug 2022 16:16:21 GMT
accept-ranges
bytes
content-length
4822
x-amz-id-2
drsiTqqQMxNiCGrQKGnT5NOsLgle7OFjF//CthEdh4DFfHUlih3WjiRbwboSGEHBWUVZM9L57mE=
asyncjs.php
adserver.latinon.com/revive/www/delivery/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adserver.latinon.com/revive/www/delivery/asyncjs.php
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.227.27.145 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1feccc5457246a341b82f181fa84317e9dd084c63ac370c1ac43104c3cbf3329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
X-Content-Type-Options
nosniff
Server
nginx
ETag
11dac5182c2ea03a67dd87cdf9937cd5
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=3600
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Keep-Alive
timeout=20
Expire
Wed, 31 Aug 2022 17:16:22 GMT
X-Xss-Protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		166 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6383764698994707
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7793332502df8dad6689946d6210b829844d28af503da97a5cf63bde23c530c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.publinews.gt/
Origin
https://www.publinews.gt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57434
x-xss-protection
0
server
cafe
etag
4788036394849261414
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 31 Aug 2022 16:16:21 GMT
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df53e659f3547ace9edacc6e0dfe20f89fb5e54ea08c7156a20224a168311d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28560
x-xss-protection
0
server
sffe
etag
"1319 / 39 of 1000 / last-modified: 1661943937"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 31 Aug 2022 16:16:21 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1acc33d91129adec432db09da6e1c2239c89e702c732cd5d8310d9e6f17fe0e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28568
x-xss-protection
0
server
sffe
etag
"1319 / 235 of 1000 / last-modified: 1661944034"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 31 Aug 2022 16:16:21 GMT
svgpublinews.svg
static.publinews.gt/2020/06/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/svgpublinews.svg
  • https://static.publinews.gt/2020/06/svgpublinews.svg
9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/svgpublinews.svg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
7965777dcddb12ba6fcbfdb90bbbe664dfeec6ee3fb6a069c1fad9980bc25a10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Last-Modified
Mon, 29 Jun 2020 01:16:03 GMT
Server
nginx/1.20.1
ETag
"5ef940d3-23ac"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9132

Redirect headers

Location
https://static.publinews.gt/2020/06/svgpublinews.svg
Date
Wed, 31 Aug 2022 16:16:21 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
portada-web.jpg
www.publinews.gt/gt/portadas/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.publinews.gt/gt/portadas/portada-web.jpg?dummy=5984
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
b1d37476f42be18cedf76df6ac4cde79a2b0821226a3346e76b6887c9eb873b8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Last-Modified
Wed, 31 Aug 2022 08:05:00 GMT
Server
nginx/1.20.1
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17975
X-XSS-Protection
1; mode=block
horizontal-slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/horizontal-slim-10_7.css
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 16 Dec 2015 16:21:55 GMT
Server
AmazonS3
Age
464
ETag
W/"bd21b0313fe7dc2b8ac08955a7ef1209"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Wed, 31 Aug 2022 16:08:37 GMT
X-Amz-Cf-Pop
FRA60-P2
X-Amz-Cf-Id
bWcIj0xh_pR7oh__lCKU4uATLysfv5ULzWnW-84wH4f-8EUi6Niq4A==
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
33558069624c6849e3bedf4ef9ead7bf4cef2afdd7ecb64758a660fa4ae5ed8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Content-Encoding
gzip
Age
1193
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29278
x-tw-cdn
VZ
Last-Modified
Mon, 15 Aug 2022 23:23:32 GMT
Server
ECS (frb/67D3)
Etag
"080f1472776d4d1a972a14cea4433aeb+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
publinews.gt.1129387.js
jsc.mgid.com/p/u/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/p/u/publinews.gt.1129387.js
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01b1b907eb9f740683e1f64643fde07ef63a9c1ebbee1958834dd168ff6befd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
br
cf-cache-status
HIT
age
621
cf-polished
origSize=2318
last-modified
Wed, 15 Jun 2022 13:21:57 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
XN8KP9AJ50Q304K5
x-amz-id-2
lddRBrN7DgjgWWVROM195BSWLNg/JBegWHSC5GwIFUZn3C9dtS5BXGC24t9ye5nxKZh/RWTIkd8=
cf-bgj
minify
server
cloudflare
etag
W/"a0b4c82e20084745c33640f28da9e85c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
x-amz-version-id
3W3V9xeUWqpKwHNTHWadBVM15xHpPtu5
cf-ray
743711f988f49097-FRA
expires
Wed, 31 Aug 2022 19:16:22 GMT
opinion-default.jpg
www.publinews.gt/wp-content/uploads/2020/06/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.publinews.gt/wp-content/uploads/2020/06/opinion-default.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
3be29565ed74ebe94b47d147f84748dc076566e4348c72db227ad8cf72a75f24
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Last-Modified
Mon, 29 Jun 2020 01:13:59 GMT
Server
nginx/1.20.1
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4519
X-XSS-Protection
1; mode=block
flickity.css
www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/vendor/flickity/ 		2 KB
949 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/vendor/flickity/flickity.css?ver=2.2.1
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
20a22e2a0610fa88287f0f8a033e1f8c5fb3abb7f0a0d527115b6ce3dde328a1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:18:54 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
654
X-XSS-Protection
1; mode=block
shortcodes.css
www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/includes/css/ 		45 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.11.1
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
568de4a237f78930c495806b9302c91df36f7212ee5af1cc6d9f4abc3ff03b38
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:18:54 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7777
X-XSS-Protection
1; mode=block
main.js
www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/js/main.js?ver=1
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
02007cb9ea5401983a0a4a34d08c1a57c75484d0852194291e124c94b848d474
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:18:36 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1500
X-XSS-Protection
1; mode=block
sps_front_js.js
www.publinews.gt/gt/wp-content/plugins/sync-post-with-other-site/assets/js/ 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/sync-post-with-other-site/assets/js/sps_front_js.js?rand=402&ver=1.3.1
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Last-Modified
Thu, 16 Dec 2021 03:19:01 GMT
Server
nginx/1.20.1
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
X-XSS-Protection
1; mode=block
top-10-tracker.min.js
www.publinews.gt/gt/wp-content/plugins/top-10/includes/js/ 		286 B
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/top-10/includes/js/top-10-tracker.min.js?ver=1.0
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
d0a77e495359613dd0f75850a9b9a541f059b6f215c76acddb418bedb7a2cf6b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:19:03 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
150
X-XSS-Protection
1; mode=block
imagesloaded.min.js
www.publinews.gt/gt/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Sat, 12 Sep 2020 03:45:57 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1834
X-XSS-Protection
1; mode=block
min.js
www.publinews.gt/gt/wp-content/themes/herald/assets/js/ 		87 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/themes/herald/assets/js/min.js?ver=2.3.1
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
85d423c5c3713d5ad1fb1529618fb0f6530869a98b53374f292ab1bb5f5bb9ff
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Jul 2021 21:09:18 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25466
X-XSS-Protection
1; mode=block
main.js
www.publinews.gt/gt/wp-content/plugins/meks-easy-social-share/assets/js/ 		551 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/meks-easy-social-share/assets/js/main.js?ver=1.2.6
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
8efd7ef0887f8d97df1f68248a4d6f603ab11021a0f683e61584227ee7a71909
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:18:34 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
323
X-XSS-Protection
1; mode=block
js.cookie.min.js
www.publinews.gt/gt/wp-content/plugins/wp-review/public/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/wp-review/public/js/js.cookie.min.js?ver=2.1.4
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
d5b071fda01315f271998e251812dcf8465dcf34bb9e436bb502235700c40eac
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:19:11 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
866
X-XSS-Protection
1; mode=block
underscore.min.js
www.publinews.gt/gt/wp-includes/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:17:26 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7319
X-XSS-Protection
1; mode=block
wp-util.min.js
www.publinews.gt/gt/wp-includes/js/ 		1 KB
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-includes/js/wp-util.min.js?ver=5.8.2
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:17:26 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
705
X-XSS-Protection
1; mode=block
main.js
www.publinews.gt/gt/wp-content/plugins/wp-review/public/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/wp-review/public/js/main.js?ver=5.3.5
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
b471033f1864708331e5945f9003e0eed1d563d673d2666aca296198b9cc6ca7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:19:11 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1158
X-XSS-Protection
1; mode=block
wp-embed.min.js
www.publinews.gt/gt/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:17:26 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
765
X-XSS-Protection
1; mode=block
flickity.js
www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/vendor/flickity/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/vendor/flickity/flickity.js?ver=2.2.1
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
dcc6aaeccd530bcb0e91ef01e2046485f1ad113a865aafb17a740eee4da61e32
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:18:54 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13635
X-XSS-Protection
1; mode=block
index.js
www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js?ver=5.11.1
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
860d562b0a45cb007e7a669dc845cc85bec45a5229c67ddc3b11534ff54a9947
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 03:18:54 GMT
Server
nginx/1.20.1
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3666
X-XSS-Protection
1; mode=block
firebase-app.js
www.gstatic.com/firebasejs/7.15.5/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.15.5/firebase-app.js
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bedab15fd177a9715568682a8b3a04edd59939cafffa07dfd2e6e64b010f757c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 17:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
601736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6604
x-xss-protection
0
last-modified
Thu, 25 Jun 2020 23:15:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Aug 2023 17:07:25 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/7.15.5/ 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.15.5/firebase-messaging.js
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aee7d2f3931049f9fbdccac3d0e7e36eca23ce66c76c464ed28372d7d4559597
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 08:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10593
x-xss-protection
0
last-modified
Thu, 25 Jun 2020 23:15:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 08:45:35 GMT
gtm.js
www.googletagmanager.com/ 		113 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQLFSFD
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1679bdbc47305929955b6925d93a552e6cc8752c420b93eafb6401231b6cc9e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44395
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Aug 2022 16:16:21 GMT
gtm.js
www.googletagmanager.com/ 		113 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P5DVV5N
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b497af1a14943d02255934de227963426af25a5222e9bd89dce5181c17743a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44399
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Aug 2022 16:16:21 GMT
gtm.js
www.googletagmanager.com/ 		113 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K3XQFVX
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f9e8861c8cfde8d6789c997abf02e8142a079f8d7058c0bf68e31c309d537000
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44395
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Aug 2022 16:16:21 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-24.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 15:17:03 GMT
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
3559
etag
"61b8b8ab-1090"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
4240
x-amz-cf-id
9lx7rbv886UhfyeW1-mbXsjLSnXKr6x2dFl26Ssfjl7QUA-9Xf1DcA==
expires
Wed, 31 Aug 2022 16:17:03 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-61.bud50.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
9a744a6df1a8fda9ba645d1cbf04c91d2bd460fe89d3146528106f94b20e3d51
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:08:34 GMT
content-encoding
br
etag
W/"ed2861ddca3c52715fc664c16fceb2df"
last-modified
Wed, 31 Aug 2022 16:08:34 UTC
server
nginx/1.20.0
age
468
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 eb9781eaf534229bf5ad50a1b819581a.cloudfront.net (CloudFront)
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
udsy24mNEkWiTcdSDTrU2xeHDK2-4ciZdaIxp9MM0D52ZetKMmRTQw==
x-xss-protection
0
NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1f-uug.woff2
fonts.gstatic.com/s/firasansextracondensed/v10/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasansextracondensed/v10/NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1f-uug.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A400%2C700%2C600&subset=latin%2Clatin-ext&ver=2.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1ec9625d1c2d3ff00cb5891990c4541a89f096540ee2226e565713d1a189e18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.publinews.gt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 08:12:43 GMT
x-content-type-options
nosniff
age
115418
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22676
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:06:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 08:12:43 GMT
pubads_impl_2022082501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aad48e612efa9d7364a3ad0e06aaa0d46320b7a57cc13697a8997ee9ef7c9101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 31 Aug 2022 15:25:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3066
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132254
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 08:41:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 31 Aug 2023 15:25:15 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		345 B
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.publinews.gt
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eec356b27f72f835e55d2b242a94ce15e32fb8c83872a47838936ced10968f09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 16:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163
x-xss-protection
0
expires
Wed, 31 Aug 2022 16:16:21 GMT
fpc
at.teads.tv/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_15725&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=4f65ebf&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.185.49 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-185-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:22 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.publinews.gt
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 31 Aug 2022 16:16:22 GMT
js
www.googletagmanager.com/gtag/ 		205 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5QX73SF3RL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53456215-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
69043de68767b5c633f1b690e2642dd9a0ef91efbd8ef11dd7111ac5ad292f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74556
x-xss-protection
0
expires
Wed, 31 Aug 2022 16:16:22 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53456215-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4462
date
Wed, 31 Aug 2022 15:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 31 Aug 2022 17:02:00 GMT
js
www.googletagmanager.com/gtag/ 		201 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1JWRY3SKE9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53456215-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f52e2b1c2bdbf21eb6d0d04556f7c524659f6a97208f4b631dbbab46cd71520c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73579
x-xss-protection
0
expires
Wed, 31 Aug 2022 16:16:22 GMT
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-90285-12&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53456215-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c948099423bf995b623df020afb88be6802682eca6c6626002a13f0d28e5c288
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41982
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Aug 2022 16:16:22 GMT
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-52170176-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53456215-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e7b91e0722b209a6e4aafe5e508f1194fe7b7a0ca55d8a2d5683b974581d8d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41979
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Aug 2022 16:16:22 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 15:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Sep 2022 15:11:29 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.185.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-185-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
last-modified
Sun, 03 Jul 2022 06:49:40 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Fri, 30 Sep 2022 16:16:22 GMT
collect
region1.analytics.google.com/g/ 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-5QX73SF3RL&gtm=2oe8t0&_p=1812898241&_gaz=1&cid=691347407.1661962582&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661962582&sct=1&seg=0&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5QX73SF3RL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
339 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5QX73SF3RL&cid=691347407.1661962582&gtm=2oe8t0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5QX73SF3RL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5QX73SF3RL&cid=691347407.1661962582&gtm=2oe8t0&aip=1&z=1452390695
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1JWRY3SKE9&gtm=2oe8t0&_p=1812898241&_gaz=1&cid=691347407.1661962582&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1661962582&sct=1&seg=0&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1JWRY3SKE9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1JWRY3SKE9&cid=691347407.1661962582&gtm=2oe8t0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1JWRY3SKE9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1JWRY3SKE9&cid=691347407.1661962582&gtm=2oe8t0&aip=1&z=1232777044
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.publinews.gt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.publinews.gt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		37 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=370390444806995&correlator=226001996987965&eid=31069126%2C31062931&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_layer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=3023400616&sfv=1-0-38&fsapi=false&eri=2&sc=1&cookie_enabled=1&abxe=1&dt=1661962582174&lmt=1661962582&dlt=1661962581641&idt=513&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab368352a164fa8cee70180124da9b9e8004033985516c7fcf5f4f8085dad271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12628
x-xss-protection
0
google-lineitem-id
6079252777
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138400463707
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EF66 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 16:16:22 GMT
expires
Thu, 31 Aug 2023 16:16:22 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		414 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=370390444806995&correlator=226001996987965&eid=31069126%2C31062931&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=129480178%2Cpixel&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=1811529524&sfv=1-0-38&fsapi=false&eri=2&sc=1&cookie_enabled=1&abxe=1&dt=1661962582204&lmt=1661962582&dlt=1661962581641&idt=513&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
075257c2ad8d32f772c439e486c9ed2268339bc12097a8b0cef74eea915cb20e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
219
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=370390444806995&correlator=226001996987965&eid=31069126%2C31062931&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_header&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C970x90%7C970x250%7C320x50%7C320x320%7C320x100%7C320x60%7C350x200&ifi=3&adks=3455657583&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1661962582217&lmt=1661962582&dlt=1661962581641&idt=513&adxs=650&adys=8&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=1600x50&msz=1600x50&fws=0&ohw=0&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
758c4310cc73238872619adab08f7bc6bf442f0b26dc1897bb16db5a709b954c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9113
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.woff2
www.publinews.gt/gt/wp-content/themes/herald/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/wp-content/themes/herald/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/wp-content/themes/herald/assets/css/min.css?ver=2.3.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.publinews.gt/gt/wp-content/themes/herald/assets/css/min.css?ver=2.3.1
Origin
https://www.publinews.gt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Wed, 05 Jun 2019 17:45:26 GMT
Server
nginx/1.20.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77160
X-XSS-Protection
1; mode=block
NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3SCKr3i-oQ.woff2
fonts.gstatic.com/s/firasansextracondensed/v10/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasansextracondensed/v10/NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3SCKr3i-oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A400%2C700%2C600&subset=latin%2Clatin-ext&ver=2.3.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d9969d56cafe0bcc63350313033ca15ab1acca206040bbfbbdf99e22a1ad2ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.publinews.gt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 21:40:21 GMT
x-content-type-options
nosniff
age
498961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23712
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:06:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Aug 2023 21:40:21 GMT
NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3USLr3i-oQ.woff2
fonts.gstatic.com/s/firasansextracondensed/v10/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasansextracondensed/v10/NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3USLr3i-oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A400%2C700%2C600&subset=latin%2Clatin-ext&ver=2.3.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f6eeb511e853211c742d1fa125b45ece32fe5711f407c5eb43613670082b3e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.publinews.gt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 00:07:50 GMT
x-content-type-options
nosniff
age
490112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24064
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:01:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Aug 2023 00:07:50 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/ 		343 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6383764698994707&plah=www.publinews.gt&bust=31069217
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6383764698994707
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb568542327d4264166e9839781916f91331fc0bae0bb29397ee3ebb4cc66ed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123441
x-xss-protection
0
server
cafe
etag
7010565757551956371
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 31 Aug 2022 16:16:22 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/ Frame 0FB5 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6383764698994707
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10226
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:25:56 GMT
etag
8616628553774171045
expires
Wed, 14 Sep 2022 13:25:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1812898241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1464853756&gjid=660142062&cid=691347407.1661962582&tid=UA-53456215-1&_gid=190023625.1661962582&_r=1&gtm=2ou8t0&z=1422764325
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1812898241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=2021830352&gjid=153703935&cid=691347407.1661962582&tid=UA-90285-12&_gid=190023625.1661962582&_r=1&gtm=2wg8t0P5DVV5N&z=1287668733
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1812898241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=442044019&gjid=115858906&cid=691347407.1661962582&tid=UA-52170176-1&_gid=190023625.1661962582&_r=1&gtm=2wg8t0K3XQFVX&z=219052761
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1812898241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=594461262&gjid=1224267972&cid=691347407.1661962582&tid=UA-52170176-1&_gid=190023625.1661962582&_r=1&gtm=2ou8t0&z=1848037256
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1812898241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=2095589435&gjid=1871512597&cid=691347407.1661962582&tid=UA-53456215-1&_gid=190023625.1661962582&_r=1&gtm=2wg8t0NQLFSFD&z=1936753130
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1812898241&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAAC~&jid=1372708339&gjid=1855434217&cid=691347407.1661962582&tid=UA-90285-12&_gid=190023625.1661962582&_r=1&gtm=2ou8t0&z=823644519
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
spc_fi.php
cdn.firstimpression.io/delivery/ 		58 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7934&url=%2Fgt%2F&charset=UTF-8&ch=16&ref=www.publinews.gt&viewerId=null&referer=&_firid=32432964
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-112.fra60.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
7960ba7125f1ee1a38b063d895143864c12b69b00ab584f279528b28dd440573

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
access-control-allow-origin
https://www.publinews.gt
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
GJeNMFtQbci16JsMR621NEaIvB6TtkfaRpq8shKG7felEXdlGKb7RA==
expires
0
Skin-upa-agosto-publinews-2022.jpg
static.publinews.gt/2022/07/ 		470 KB
470 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/07/Skin-upa-agosto-publinews-2022.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
b07fe8d2c18f44d35ffaa187fd48bddc1ef81c69476cd0457279790e4c2e0725

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Fri, 29 Jul 2022 20:02:40 GMT
Server
nginx/1.20.1
ETag
"62e43ce0-756e3"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
480995
previa-quinta-etapa-vuelta-ciclistica-a-guatemala-2020-publinews-1-300x300.png
static.publinews.gt/2020/10/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2020/10/previa-quinta-etapa-vuelta-ciclistica-a-guatemala-2020-publinews-1-300x300.png
  • https://static.publinews.gt/2020/10/previa-quinta-etapa-vuelta-ciclistica-a-guatemala-2020-publinews-1-300x300.png
136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/10/previa-quinta-etapa-vuelta-ciclistica-a-guatemala-2020-publinews-1-300x300.png
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
a6f0352702b7604323c13594f1c3b74e58b11c1c0847a537511261d06f80ba25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Tue, 27 Oct 2020 03:57:29 GMT
Server
nginx/1.20.1
ETag
"5f979aa9-21e6c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
138860

Redirect headers

Location
https://static.publinews.gt/2020/10/previa-quinta-etapa-vuelta-ciclistica-a-guatemala-2020-publinews-1-300x300.png
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
manifestacion-en-contra-de-suspencion-de-los-estatutos-del-COG-3-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/manifestacion-en-contra-de-suspencion-de-los-estatutos-del-COG-3-300x168.jpg
  • https://static.publinews.gt/2022/08/manifestacion-en-contra-de-suspencion-de-los-estatutos-del-COG-3-300x168.jpg
16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/manifestacion-en-contra-de-suspencion-de-los-estatutos-del-COG-3-300x168.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
f448ed9142035fd376ba0fe2bd66a804431bad6676b34725297b770d21d64f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Tue, 30 Aug 2022 18:52:09 GMT
Server
nginx/1.20.1
ETag
"630e5c59-4114"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16660

Redirect headers

Location
https://static.publinews.gt/2022/08/manifestacion-en-contra-de-suspencion-de-los-estatutos-del-COG-3-300x168.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame A312 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZ7Y6RZ-bIhqs3GDW1dE_j3ZNE3ZktpQ4fG8AoOv2GyCzJJ-i5gt8N1EAlDG0MZxqJSL9RQNbKP-6nnb8HRjUIxYPquw1nbT5-Dnc-ZgU4M6VE7zf7Ch2-vskPznr__mdkoccTeZxiGJCZEIRwjsZkj3wYKr6hoErtZuOF6_9yOvOev-EIvRhnxR79eAWDRS1xPbQ5ToGY73H-m31OrbU_y8WWdTnvM98YkHK9CpIl0HonmiFgGlQ76CajT-d5m094CZjE7XdNj0IlHDVdYGLkAayr6hfF9BELXArDyL-jW0x_fWQTwZmk3atyHtm0kzPkx0rSL5xeKyHohIGCJmdbRTrxFAwv&sai=AMfl-YRUEnUsRJHw4HPISBcz_gkhyhOe5JwoBUM0i1s6Gg_7xnfs2z_WcFkiDPhSbl4DFeQM-ordzJU6ut_U5zH8NCMTH8X6aGxd-J01twi_EJzdajWbOLgedXbbupaLJgp_Bg&sig=Cg0ArKJSzC1sXFa0URy6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 31 Aug 2022 16:16:22 GMT
index.html
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 713B 		91 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.115.76.144.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
def3fda286cea0ab75ea959813f6965f453356dc35b05fac9e48921cbf3d4668

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
93369
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Aug 2022 16:16:22 GMT
ETag
"16cb9-5e4cac90dc696"
Keep-Alive
timeout=5, max=100
Last-Modified
Wed, 27 Jul 2022 15:08:11 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
index.html
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 90CA 		91 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.115.76.144.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
def3fda286cea0ab75ea959813f6965f453356dc35b05fac9e48921cbf3d4668

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
93369
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Aug 2022 16:16:22 GMT
ETag
"16cb9-5e4cac90dc696"
Keep-Alive
timeout=5, max=100
Last-Modified
Wed, 27 Jul 2022 15:08:11 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
index.html
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 0295 		91 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.115.76.144.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
def3fda286cea0ab75ea959813f6965f453356dc35b05fac9e48921cbf3d4668

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
93369
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Aug 2022 16:16:22 GMT
ETag
"16cb9-5e4cac90dc696"
Keep-Alive
timeout=5, max=99
Last-Modified
Wed, 27 Jul 2022 15:08:11 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A312 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44757
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661773661488070"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 16:16:22 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A312 		0
29 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZ7Y6RZ-bIhqs3GDW1dE_j3ZNE3ZktpQ4fG8AoOv2GyCzJJ-i5gt8N1EAlDG0MZxqJSL9RQNbKP-6nnb8HRjUIxYPquw1nbT5-Dnc-ZgU4M6VE7zf7Ch2-vskPznr__mdkoccTeZxiGJCZEIRwjsZkj3wYKr6hoErtZuOF6_9yOvOev-EIvRhnxR79eAWDRS1xPbQ5ToGY73H-m31OrbU_y8WWdTnvM98YkHK9CpIl0HonmiFgGlQ76CajT-d5m094CZjE7XdNj0IlHDVdYGLkAayr6hfF9BELXArDyL-jW0x_fWQTwZmk3atyHtm0kzPkx0rSL5xeKyHohIGCJmdbRTrxFAwv&sai=AMfl-YRUEnUsRJHw4HPISBcz_gkhyhOe5JwoBUM0i1s6Gg_7xnfs2z_WcFkiDPhSbl4DFeQM-ordzJU6ut_U5zH8NCMTH8X6aGxd-J01twi_EJzdajWbOLgedXbbupaLJgp_Bg&sig=Cg0ArKJSzC1sXFa0URy6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 31 Aug 2022 16:16:22 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=370390444806995&correlator=226001996987965&eid=31069126%2C31062931&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_300x250_4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C320x320%7C300x250%7C300x400&ifi=5&adks=1855378003&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&abxe=1&dt=1661962582443&lmt=1661962582&dlt=1661962581641&idt=513&adxs=805&adys=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=500x250&msz=500x250&fws=0&ohw=0&psts=AEC3cPJxP7lRRJY5ElFBgoyERqWx7OwauXNXxj0c4ue21MwScE6-qdJ026_5QdVbW13FYR2uyTbCeyisl8holVGjXklz7Q&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e08ca4668af0a3d0190e803f3f230d63c93a200fa35a234e3190a81a5f40767f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11575
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
coronaVirus.jpg
static.publinews.gt/2020/06/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/coronaVirus.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
20a7cab4c3d02182a4adf415218a7bf45485746273fba452bf48c4d3cf5df9d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 29 Jun 2020 04:49:00 GMT
Server
nginx/1.20.1
ETag
"5ef972bc-137fb"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
79867
accidente-de-transito-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/accidente-de-transito-300x168.jpg
  • https://static.publinews.gt/2022/08/accidente-de-transito-300x168.jpg
17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/accidente-de-transito-300x168.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
f8100ddd5433052f55abbd975cbaf4d300b5acaeef36e0e47e8a285941920bd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Wed, 31 Aug 2022 14:58:10 GMT
Server
nginx/1.20.1
ETag
"630f7702-449d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17565

Redirect headers

Location
https://static.publinews.gt/2022/08/accidente-de-transito-300x168.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
accidente-de-transito-trailer-volcado-periferico-31-agosto-2022-pmt-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/accidente-de-transito-trailer-volcado-periferico-31-agosto-2022-pmt-300x168.jpg
  • https://static.publinews.gt/2022/08/accidente-de-transito-trailer-volcado-periferico-31-agosto-2022-pmt-300x168.jpg
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/accidente-de-transito-trailer-volcado-periferico-31-agosto-2022-pmt-300x168.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
ad0cb034a1ea6a2c67906a36f384b1960f3130f9a8605feb0d030878a508c8a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Wed, 31 Aug 2022 14:25:42 GMT
Server
nginx/1.20.1
ETag
"630f6f66-3ae1"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15073

Redirect headers

Location
https://static.publinews.gt/2022/08/accidente-de-transito-trailer-volcado-periferico-31-agosto-2022-pmt-300x168.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
nelson-carreras-publinews-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/nelson-carreras-publinews-300x168.jpg
  • https://static.publinews.gt/2022/08/nelson-carreras-publinews-300x168.jpg
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/nelson-carreras-publinews-300x168.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
1b15e526bc6cb6b3e03ab22a6c585f1ca05e34bbee1be501676126492fb3c8a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 08 Aug 2022 04:24:21 GMT
Server
nginx/1.20.1
ETag
"62f08ff5-378b"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14219

Redirect headers

Location
https://static.publinews.gt/2022/08/nelson-carreras-publinews-300x168.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
hospital-san-juan-de-dios-pandemia-covid-19-coronavirus-guatemala-1-de-septiembre-2021-publinews-edwin-bercian-7-300x168.jpg
static.publinews.gt/2021/09/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2021/09/hospital-san-juan-de-dios-pandemia-covid-19-coronavirus-guatemala-1-de-septiembre-2021-publinews-edwin-bercian-7-300x168.jpg
  • https://static.publinews.gt/2021/09/hospital-san-juan-de-dios-pandemia-covid-19-coronavirus-guatemala-1-de-septiembre-2021-publinews-edwin-bercian-7-300x168.jpg
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2021/09/hospital-san-juan-de-dios-pandemia-covid-19-coronavirus-guatemala-1-de-septiembre-2021-publinews-edwin-bercian-7-300x168.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
5481dd7de36de039271fe67000794500e2b58e5c3928941c2d455c90da69f596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Wed, 01 Sep 2021 19:06:00 GMT
Server
nginx/1.20.1
ETag
"612fcf18-33e1"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13281

Redirect headers

Location
https://static.publinews.gt/2021/09/hospital-san-juan-de-dios-pandemia-covid-19-coronavirus-guatemala-1-de-septiembre-2021-publinews-edwin-bercian-7-300x168.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
laboratorio-movil-hisopados-pruebas-covid-19-coronavirus-guatemala-julio-2022-3-foto-ministerio-de-salud-187x140.jpg
static.publinews.gt/2022/07/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/07/laboratorio-movil-hisopados-pruebas-covid-19-coronavirus-guatemala-julio-2022-3-foto-ministerio-de-salud-187x140.jpg
  • https://static.publinews.gt/2022/07/laboratorio-movil-hisopados-pruebas-covid-19-coronavirus-guatemala-julio-2022-3-foto-ministerio-de-salud-187x140.jpg
9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/07/laboratorio-movil-hisopados-pruebas-covid-19-coronavirus-guatemala-julio-2022-3-foto-ministerio-de-salud-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
d9d5edd148587000bfe55d7aac8dbb8cca56983ea943193fc9a86fa75f9febc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Wed, 06 Jul 2022 15:48:35 GMT
Server
nginx/1.20.1
ETag
"62c5aed3-224a"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8778

Redirect headers

Location
https://static.publinews.gt/2022/07/laboratorio-movil-hisopados-pruebas-covid-19-coronavirus-guatemala-julio-2022-3-foto-ministerio-de-salud-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
pruebas-covid-19-hisopados-plaza-constitucion-publinews5-187x140.jpg
static.publinews.gt/2022/07/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/07/pruebas-covid-19-hisopados-plaza-constitucion-publinews5-187x140.jpg
  • https://static.publinews.gt/2022/07/pruebas-covid-19-hisopados-plaza-constitucion-publinews5-187x140.jpg
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/07/pruebas-covid-19-hisopados-plaza-constitucion-publinews5-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
4fe5b47e7a09066a05bddeccd186c45d843df3ca22377b8c8d6e49d9fcd53f7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Sat, 09 Jul 2022 19:41:26 GMT
Server
nginx/1.20.1
ETag
"62c9d9e6-1aea"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6890

Redirect headers

Location
https://static.publinews.gt/2022/07/pruebas-covid-19-hisopados-plaza-constitucion-publinews5-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
corea-norte-reporta-4-posibles-nuevos-casos-covid-19-publinews-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/corea-norte-reporta-4-posibles-nuevos-casos-covid-19-publinews-187x140.jpg
  • https://static.publinews.gt/2022/08/corea-norte-reporta-4-posibles-nuevos-casos-covid-19-publinews-187x140.jpg
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/corea-norte-reporta-4-posibles-nuevos-casos-covid-19-publinews-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
0ff7037954a24b7731d5a03a63186a85b4a7198516650a00fb3cd0620d7d06e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Thu, 25 Aug 2022 13:59:11 GMT
Server
nginx/1.20.1
ETag
"6307802f-1a03"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6659

Redirect headers

Location
https://static.publinews.gt/2022/08/corea-norte-reporta-4-posibles-nuevos-casos-covid-19-publinews-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-5QX73SF3RL&gtm=2oe8t0&_p=1812898241&cid=691347407.1661962582&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1661962582&sct=1&seg=0&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&en=scroll&epn.percent_scrolled=90&_et=38
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5QX73SF3RL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=370390444806995&correlator=226001996987965&eid=31069126%2C31062931&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_300x250_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x400%7C300x600%7C320x320&ifi=6&adks=1216183410&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&abxe=1&dt=1661962582486&lmt=1661962582&dlt=1661962581641&idt=513&adxs=1148&adys=2032&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=332x28&msz=332x28&fws=0&ohw=0&psts=AEC3cPJxP7lRRJY5ElFBgoyERqWx7OwauXNXxj0c4ue21MwScE6-qdJ026_5QdVbW13FYR2uyTbCeyisl8holVGjXklz7Q&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eed11e03f7adce468116318c30e5848dd0bde2472fb52db33557a348082f43fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9932
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53456215-1&cid=691347407.1661962582&jid=1464853756&gjid=660142062&_gid=190023625.1661962582&_u=YADAAUAAAAAAAC~&z=512604637
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 31 Aug 2022 16:16:22 GMT
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52170176-1&cid=691347407.1661962582&jid=594461262&gjid=1224267972&_gid=190023625.1661962582&_u=YADAAUABAAAAAC~&z=2027758886
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 31 Aug 2022 16:16:22 GMT
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53456215-1&cid=691347407.1661962582&jid=2095589435&gjid=1871512597&_gid=190023625.1661962582&_u=YADAAUABAAAAAC~&z=1945847744
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 31 Aug 2022 16:16:22 GMT
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52170176-1&cid=691347407.1661962582&jid=442044019&gjid=115858906&_gid=190023625.1661962582&_u=YADAAUABAAAAAC~&z=204966433
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 31 Aug 2022 16:16:22 GMT
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-90285-12&cid=691347407.1661962582&jid=2021830352&gjid=153703935&_gid=190023625.1661962582&_u=YADAAUABAAAAAC~&z=1383491655
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 31 Aug 2022 16:16:22 GMT
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-90285-12&cid=691347407.1661962582&jid=1372708339&gjid=1855434217&_gid=190023625.1661962582&_u=aADAAUABAAAAAC~&z=1037465349
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 31 Aug 2022 16:16:22 GMT
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pacientes-en-el-hospital-roosevelt-en-guatemala-dan-positivo-a-pruebas-de-covid-19-pandemia-coronavirus-31-de-enero-de-2022-fotos-publinews-300x300.jpg
static.publinews.gt/2022/01/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/01/pacientes-en-el-hospital-roosevelt-en-guatemala-dan-positivo-a-pruebas-de-covid-19-pandemia-coronavirus-31-de-enero-de-2022-fotos-publinews-30...
  • https://static.publinews.gt/2022/01/pacientes-en-el-hospital-roosevelt-en-guatemala-dan-positivo-a-pruebas-de-covid-19-pandemia-coronavirus-31-de-enero-de-2022-fotos-publinews-300x300.jpg
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/01/pacientes-en-el-hospital-roosevelt-en-guatemala-dan-positivo-a-pruebas-de-covid-19-pandemia-coronavirus-31-de-enero-de-2022-fotos-publinews-300x300.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
501e62c6e0c1d488fc66e31ced03aba2702df783387148fe1b8c4239bcc7d074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 31 Jan 2022 19:32:54 GMT
Server
nginx/1.20.1
ETag
"61f83966-330d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13069

Redirect headers

Location
https://static.publinews.gt/2022/01/pacientes-en-el-hospital-roosevelt-en-guatemala-dan-positivo-a-pruebas-de-covid-19-pandemia-coronavirus-31-de-enero-de-2022-fotos-publinews-300x300.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
jornada-vacunacion-contra-la-covid-coronavirus-en-paseo-la-sexta-avenida-guatemala-zona-1-7-de-febrero-2022-foto-edwin-bercian-publinews-emisoras-unidas-4-300x300.jpg
static.publinews.gt/2022/02/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/02/jornada-vacunacion-contra-la-covid-coronavirus-en-paseo-la-sexta-avenida-guatemala-zona-1-7-de-febrero-2022-foto-edwin-bercian-publinews-emiso...
  • https://static.publinews.gt/2022/02/jornada-vacunacion-contra-la-covid-coronavirus-en-paseo-la-sexta-avenida-guatemala-zona-1-7-de-febrero-2022-foto-edwin-bercian-publinews-emisoras-unidas-4-300x30...
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/02/jornada-vacunacion-contra-la-covid-coronavirus-en-paseo-la-sexta-avenida-guatemala-zona-1-7-de-febrero-2022-foto-edwin-bercian-publinews-emisoras-unidas-4-300x300.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e35db8b1d2fa2c61290c6d2963bbb8c944825be440a59e40c2ca6a8e1bbdba3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 07 Feb 2022 19:00:53 GMT
Server
nginx/1.20.1
ETag
"62016c65-3e54"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15956

Redirect headers

Location
https://static.publinews.gt/2022/02/jornada-vacunacion-contra-la-covid-coronavirus-en-paseo-la-sexta-avenida-guatemala-zona-1-7-de-febrero-2022-foto-edwin-bercian-publinews-emisoras-unidas-4-300x300.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
jeringa-vacuna-300x300.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/jeringa-vacuna-300x300.jpg
  • https://static.publinews.gt/2022/08/jeringa-vacuna-300x300.jpg
13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/jeringa-vacuna-300x300.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
f85d0f6cef01d5f18cfc5a169161c7d723039494ef0fc712878aafc2e690fbd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Wed, 31 Aug 2022 05:40:27 GMT
Server
nginx/1.20.1
ETag
"630ef44b-35c1"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13761

Redirect headers

Location
https://static.publinews.gt/2022/08/jeringa-vacuna-300x300.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Candidoilegalidades-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Candidoilegalidades-300x168.jpg
  • https://static.publinews.gt/2022/08/Candidoilegalidades-300x168.jpg
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/Candidoilegalidades-300x168.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
f57845b064a26d7f08b24b1ab52fc7e0b6fc185cf3d3a6818f882faa7c9c46ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Wed, 31 Aug 2022 04:10:02 GMT
Server
nginx/1.20.1
ETag
"630edf1a-27c0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10176

Redirect headers

Location
https://static.publinews.gt/2022/08/Candidoilegalidades-300x168.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
omar-franco-extitular-sat-300x300.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/omar-franco-extitular-sat-300x300.jpg
  • https://static.publinews.gt/2022/08/omar-franco-extitular-sat-300x300.jpg
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/omar-franco-extitular-sat-300x300.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
ba64d0b9ec6285834517ef3f3d3029ec5e07c50380f911de891f7a92216d7562

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Wed, 31 Aug 2022 01:32:26 GMT
Server
nginx/1.20.1
ETag
"630eba2a-378d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14221

Redirect headers

Location
https://static.publinews.gt/2022/08/omar-franco-extitular-sat-300x300.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
inauguran-edificio-atencion-animal-santa-catarina-pinula-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/inauguran-edificio-atencion-animal-santa-catarina-pinula-187x140.jpg
  • https://static.publinews.gt/2022/08/inauguran-edificio-atencion-animal-santa-catarina-pinula-187x140.jpg
8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/inauguran-edificio-atencion-animal-santa-catarina-pinula-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
bebd22e0d2e170ed848979c4a2d7b46b947aab1f85887421bc99bcf8cb18a535

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Wed, 31 Aug 2022 00:10:04 GMT
Server
nginx/1.20.1
ETag
"630ea6dc-212c"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8492

Redirect headers

Location
https://static.publinews.gt/2022/08/inauguran-edificio-atencion-animal-santa-catarina-pinula-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
heart-intercambio-medicos-eeuu-guatemala-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/heart-intercambio-medicos-eeuu-guatemala-187x140.jpg
  • https://static.publinews.gt/2022/08/heart-intercambio-medicos-eeuu-guatemala-187x140.jpg
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/heart-intercambio-medicos-eeuu-guatemala-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
25742a542a49a5e301deb22ccbbf81d19f779a63427ba59eff1a01ce68fd29ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Tue, 30 Aug 2022 20:56:01 GMT
Server
nginx/1.20.1
ETag
"630e7961-20b8"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8376

Redirect headers

Location
https://static.publinews.gt/2022/08/heart-intercambio-medicos-eeuu-guatemala-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
/
tag.escalated.io/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.publinews.gt&type=display&cust=7934&sid=direct&c=&cust2=direct
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e2bc317a3f54afb1933d31d4f51a70dfa52a29e19a02bf8dadaebb3f4596b56f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 29 Aug 2022 15:02:45 GMT
Server
Apache
ETag
"19c1a-5e7628e5faf40"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
40512
X-XSS-Protection
1; mode=block
collect
cdn.firstimpression.io/tracking/ 		2 B
409 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/collect?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-112.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-id
08N2UxHcyjza-OpLu1iEeW2bd59KgK0p8Z2cuwg5PwUKjTjr4Fvf4Q==
prebidamp.js
ecdn.firstimpression.io/static/js/ 		312 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-61.bud50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://www.publinews.gt/
Origin
https://www.publinews.gt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:14:01 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
306
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
-nq-3JkTg1R2dJq9YiiksCAL7YKQZyVnGt0Ugyp94qbjql3X7QDnxg==
via
1.1 e2f809a20f7d3a7f8eef1c1b1cfdcc94.cloudfront.net (CloudFront)
expires
Wed, 31 Aug 2022 17:11:16 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.publinews.gt/
Origin
https://www.publinews.gt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21505
x-jsd-version
1.13.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19150-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glGkibUflJ4qivP4WR%2Bi9cNOMXbxHoKHB0ofoTrwxDaA7K9I0dysSwp5BXjk1x0vRzS7d6JpuoGrq0PsaHCoGws016g8AuN0hzQoz84a6tAEZyBdZI3oxSoyWk9ksY0A1h2rBKPYeQGiij7%2F3%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
743711fd094c8fc5-FRA
apstag.js
c.amazon-adsystem.com/aax2/ 		161 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.14.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-14-70.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 31 Aug 2022 15:41:54 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
last-modified
Thu, 25 Aug 2022 16:04:10 GMT
server
AmazonS3
age
2069
etag
W/"a702d6a9b82e18143638cd1f28cbb7a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, VIE50-C2
content-encoding
gzip
x-amz-cf-id
hTsr36p7NwTCTQ9S7XLhcJs5upztwdzLzCckeepoK4d3aa8kHRBZyQ==
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.publinews.gt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.publinews.gt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=370390444806995&correlator=226001996987965&eid=31069126%2C31062931&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_300x250_3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x400%7C300x600%7C320x320&ifi=7&adks=3649687490&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&abxe=1&dt=1661962582538&lmt=1661962582&dlt=1661962581641&idt=513&adxs=1148&adys=2816&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=332x28&msz=332x28&fws=0&ohw=0&psts=AEC3cPJxP7lRRJY5ElFBgoyERqWx7OwauXNXxj0c4ue21MwScE6-qdJ026_5QdVbW13FYR2uyTbCeyisl8holVGjXklz7Q&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
954f97dde16392f43d94a1ad9bf2bac9829f0fc74fd2fbd4fab7ed674b6426b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11442
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
centinelas-oracion-juventud-congreso-6-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/centinelas-oracion-juventud-congreso-6-187x140.jpg
  • https://static.publinews.gt/2022/08/centinelas-oracion-juventud-congreso-6-187x140.jpg
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/centinelas-oracion-juventud-congreso-6-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
11c06de8ef1ec20c136bdfdd382c33b766a571ab8054d1ac9986c3ad153e9514

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Tue, 30 Aug 2022 18:42:27 GMT
Server
nginx/1.20.1
ETag
"630e5a13-283b"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10299

Redirect headers

Location
https://static.publinews.gt/2022/08/centinelas-oracion-juventud-congreso-6-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
nina-muere-golpeada-granizo-tormenta-espana-publinews-300x168.jpeg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/nina-muere-golpeada-granizo-tormenta-espana-publinews-300x168.jpeg
  • https://static.publinews.gt/2022/08/nina-muere-golpeada-granizo-tormenta-espana-publinews-300x168.jpeg
18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/nina-muere-golpeada-granizo-tormenta-espana-publinews-300x168.jpeg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
0b1e3fa98eb243884f760147e9304bc32541d99e61a4382e3cdc66f2a9121abb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Wed, 31 Aug 2022 13:42:31 GMT
Server
nginx/1.20.1
ETag
"630f6547-4856"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18518

Redirect headers

Location
https://static.publinews.gt/2022/08/nina-muere-golpeada-granizo-tormenta-espana-publinews-300x168.jpeg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
murio-expresidente-sovietico-mijail-gorbachov-publinews-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/murio-expresidente-sovietico-mijail-gorbachov-publinews-187x140.jpg
  • https://static.publinews.gt/2022/08/murio-expresidente-sovietico-mijail-gorbachov-publinews-187x140.jpg
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/murio-expresidente-sovietico-mijail-gorbachov-publinews-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
fa9aefda737b61a1b83c8ee9fcbd6ea14c2a61f48ee6d6bdaf1531fd96afa714

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Tue, 30 Aug 2022 21:12:27 GMT
Server
nginx/1.20.1
ETag
"630e7d3b-1606"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5638

Redirect headers

Location
https://static.publinews.gt/2022/08/murio-expresidente-sovietico-mijail-gorbachov-publinews-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
murio-camilo-guevara-march-hijo-che-guevara-publinews-187x140.png
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/murio-camilo-guevara-march-hijo-che-guevara-publinews-187x140.png
  • https://static.publinews.gt/2022/08/murio-camilo-guevara-march-hijo-che-guevara-publinews-187x140.png
33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/murio-camilo-guevara-march-hijo-che-guevara-publinews-187x140.png
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
20105a9ea23b5e61401fa1f3fbf846c4ecdfc5544a8094b98e07fc0e610fe91f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Tue, 30 Aug 2022 13:20:16 GMT
Server
nginx/1.20.1
ETag
"630e0e90-85f1"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34289

Redirect headers

Location
https://static.publinews.gt/2022/08/murio-camilo-guevara-march-hijo-che-guevara-publinews-187x140.png
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
murio-hombre-mas-solitario-mundo-amazonia-brasilena-publinews-187x140.png
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/murio-hombre-mas-solitario-mundo-amazonia-brasilena-publinews-187x140.png
  • https://static.publinews.gt/2022/08/murio-hombre-mas-solitario-mundo-amazonia-brasilena-publinews-187x140.png
46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/murio-hombre-mas-solitario-mundo-amazonia-brasilena-publinews-187x140.png
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
4f790ff3954d68b63058e55090a0342c4da8553f87b82bf1bb1863e0fb889543

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 29 Aug 2022 22:21:55 GMT
Server
nginx/1.20.1
ETag
"630d3c03-b626"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46630

Redirect headers

Location
https://static.publinews.gt/2022/08/murio-hombre-mas-solitario-mundo-amazonia-brasilena-publinews-187x140.png
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
soldado-ruso-que-muestra-el-cra%CC%81neo-de-un-ucraniano-300x300.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/soldado-ruso-que-muestra-el-cra%CC%81neo-de-un-ucraniano-300x300.jpg
  • https://static.publinews.gt/2022/08/soldado-ruso-que-muestra-el-cra%CC%81neo-de-un-ucraniano-300x300.jpg
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/soldado-ruso-que-muestra-el-cra%CC%81neo-de-un-ucraniano-300x300.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
4f5d84442beb96eed73c1fe4d54cb86b3ad4ba90b041c1c44e4f314d7ad9e1bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 29 Aug 2022 18:49:54 GMT
Server
nginx/1.20.1
ETag
"630d0a52-3fbd"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16317

Redirect headers

Location
https://static.publinews.gt/2022/08/soldado-ruso-que-muestra-el-cra%CC%81neo-de-un-ucraniano-300x300.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame A312 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsLipzZbE3abRgIYwgbFA2FuGsqZclKPhq2-cQhi4T_GYN8mRtV46Ra3JGvSdUA2ssweyjXe2qZGwKD9gP09sui3LRCaN7VQzFIP5RBkSzCvhGGtgXWL-PrOi6ys8JGBnj3GL31xd6NBrFtVm0G_P06al0rpXhCl0lLoXmFApLXUhROxCAijExQkx19yKVNePUPUs1yd-RwM6Tk6e7ESDBle-_40TQIYs5KkoddH_nnr3Jx3Y8sqlUu4ZivprNnYEnyNSbsWlgNNZRjw8X8PIWioVVKWQce9UCUS3_unTgB5EMXaUnke-KvrqAG5kndvUppKZFVHNb253C&sai=AMfl-YTL-IkJCjjNaSWZlgIg11BF_uyASLwd-LggiKYAkI3N6ZDs6THJbm8D60kCBPJnsd9BFzPVBo2wFDrLxZkuXqjkVW4WodmUPuym53jNWf_9FiZlVzJzd9QxDRKqSrAdiw&sig=Cg0ArKJSzGUR0PbmxNkgEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 31 Aug 2022 16:16:22 GMT
truncated
/ Frame A312 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ac3b4df4215fce9a40d11a8d3f41ae2618214f7cf732e63b0006a9ee5c68e4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
aplazan-lanzamiento-mision-artemis-i-nasa-problema-motor-publinews-187x140.png
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/aplazan-lanzamiento-mision-artemis-i-nasa-problema-motor-publinews-187x140.png
  • https://static.publinews.gt/2022/08/aplazan-lanzamiento-mision-artemis-i-nasa-problema-motor-publinews-187x140.png
41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/aplazan-lanzamiento-mision-artemis-i-nasa-problema-motor-publinews-187x140.png
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
47f0d2d106e5abe1a5aa5f092d8d1d09dff436c1dfc4b47f2a944b66b9792311

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 29 Aug 2022 13:09:07 GMT
Server
nginx/1.20.1
ETag
"630cba73-a5d7"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42455

Redirect headers

Location
https://static.publinews.gt/2022/08/aplazan-lanzamiento-mision-artemis-i-nasa-problema-motor-publinews-187x140.png
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
debate-presidencial-bolsonaro-lula-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/debate-presidencial-bolsonaro-lula-187x140.jpg
  • https://static.publinews.gt/2022/08/debate-presidencial-bolsonaro-lula-187x140.jpg
9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/debate-presidencial-bolsonaro-lula-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
dfaf8d73be470252fc6dd20cfccda6c98ed6d6503cf0ba944ec4b6482820b2b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 29 Aug 2022 05:17:28 GMT
Server
nginx/1.20.1
ETag
"630c4be8-223f"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8767

Redirect headers

Location
https://static.publinews.gt/2022/08/debate-presidencial-bolsonaro-lula-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
hillary-clinton-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/hillary-clinton-187x140.jpg
  • https://static.publinews.gt/2022/08/hillary-clinton-187x140.jpg
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/hillary-clinton-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
390eedd6493a1a6fcbc79bbdf9dbaa97af9dc20ae608746e18f2d541378b5d91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 29 Aug 2022 00:48:10 GMT
Server
nginx/1.20.1
ETag
"630c0cca-17c8"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6088

Redirect headers

Location
https://static.publinews.gt/2022/08/hillary-clinton-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Al-menos-12-heridos-dejo%CC%81-un-accidente-en-una-montan%CC%83a-rusa-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Al-menos-12-heridos-dejo%CC%81-un-accidente-en-una-montan%CC%83a-rusa-300x168.jpg
  • https://static.publinews.gt/2022/08/Al-menos-12-heridos-dejo%CC%81-un-accidente-en-una-montan%CC%83a-rusa-300x168.jpg
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/Al-menos-12-heridos-dejo%CC%81-un-accidente-en-una-montan%CC%83a-rusa-300x168.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
6e24d3527c0d9bebc03ee87d68544d0543471a2da12361beaa3729b2ba16beee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Sat, 27 Aug 2022 15:47:11 GMT
Server
nginx/1.20.1
ETag
"630a3c7f-2766"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10086

Redirect headers

Location
https://static.publinews.gt/2022/08/Al-menos-12-heridos-dejo%CC%81-un-accidente-en-una-montan%CC%83a-rusa-300x168.jpg
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90285-12&cid=691347407.1661962582&jid=1372708339&_u=aADAAUABAAAAAC~&z=1620197991
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90285-12&cid=691347407.1661962582&jid=1372708339&_u=aADAAUABAAAAAC~&z=1620197991
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53456215-1&cid=691347407.1661962582&jid=1464853756&_u=YADAAUAAAAAAAC~&z=238233200
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53456215-1&cid=691347407.1661962582&jid=1464853756&_u=YADAAUAAAAAAAC~&z=238233200
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90285-12&cid=691347407.1661962582&jid=2021830352&_u=YADAAUABAAAAAC~&z=1905889365
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90285-12&cid=691347407.1661962582&jid=2021830352&_u=YADAAUABAAAAAC~&z=1905889365
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler.js
s0.2mdn.net/ads/studio/ Frame 713B 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.emisorasunidas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 31 Aug 2022 16:16:33 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53456215-1&cid=691347407.1661962582&jid=2095589435&_u=YADAAUABAAAAAC~&z=875576400
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53456215-1&cid=691347407.1661962582&jid=2095589435&_u=YADAAUABAAAAAC~&z=875576400
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler.js
s0.2mdn.net/ads/studio/ Frame 90CA 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.emisorasunidas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 31 Aug 2022 16:16:33 GMT
cookie.js
partner.googleadservices.com/gampad/ 		12 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.publinews.gt&callback=_gfp_s_&client=ca-pub-6383764698994707&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6383764698994707&plah=www.publinews.gt&bust=31069217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&tn=IFRAME&id=google_ads_iframe_%2F168615172%2FGT_PN%2Fad_layer_1&ign=false&pw=1600&ph=1200&x=0&y=69.6
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9D06 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&adk=1812271804&adf=1573534164&lmt=1661962582&plat=2%3A16777216%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582246&bpp=4&bdt=605&idt=385&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&nras=1&correlator=7758249439997&frm=20&pv=2&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=398
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6383764698994707&plah=www.publinews.gt&bust=31069217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 16:16:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Enabler.js
s0.2mdn.net/ads/studio/ Frame 0295 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.emisorasunidas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 31 Aug 2022 16:16:33 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame ADB5 		94 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6383764698994707&plah=www.publinews.gt&bust=31069217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6a08d53625a5fe2a1cc8019a09fb0cb612b0970b24a33dedde2a87bbef16b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
34819
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 16:16:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
container.html
b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2295 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 16:16:22 GMT
expires
Thu, 31 Aug 2023 16:16:22 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
paperBG.png
static.publinews.gt/2020/06/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/paperBG.png
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
a61a648444a16a41ef29c2f3ce95053de667e244321323ea9a669c35768e0397

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 29 Jun 2020 04:48:55 GMT
Server
nginx/1.20.1
ETag
"5ef972b7-19897"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
104599
publinews.gt.1129387.es6.js
jsc.mgid.com/p/u/ 		265 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba2509a2b7e125a486a751d0f50e1be8319240ba60a66e6612c6daf4c0525688

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
br
cf-cache-status
HIT
age
4578
cf-polished
origSize=271107
last-modified
Wed, 24 Aug 2022 10:13:54 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
P4PQWXDPCYZCA200
x-amz-id-2
FuWvR2CFIaa7lbS0m73WLL8UnL4HYba6HU86LX4Cv85APGjejzd+AKCGTgoalOLBGQzjWe9JyMw=
cf-bgj
minify
server
cloudflare
etag
W/"e56936ed2e96b92878eb01574ed8f167"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
x-amz-version-id
Q.vPtjYAtwJqV21e2jT0qb5RFEuHBqH3
cf-ray
743711fe3e989b37-FRA
expires
Wed, 31 Aug 2022 19:16:22 GMT
opinion-fondo.jpg
static.publinews.gt/2020/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/opinion-fondo.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
142285bd07a14ae41f00f7a4abfb34d050e788f6d64e3935fda159cef378acab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 29 Jun 2020 01:14:06 GMT
Server
nginx/1.20.1
ETag
"5ef9405e-e83"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3715
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.publinews.gt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.publinews.gt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		407 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=370390444806995&correlator=226001996987965&eid=31069126%2C31062931&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=12&adks=27636735&sfv=1-0-38&ists=1&fsapi=false&sc=1&cookie=ID%3Dd1c1db6dc49d7b38-2287b5ce0ece00c8%3AT%3D1661962582%3AS%3DALNI_MZZ4JngTSL-bVGDckGo9JbZtrqT_A&abxe=1&dt=1661962582781&lmt=1661962582&dlt=1661962581641&idt=513&adxs=0&adys=10774&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=1600x10765&msz=1600x0&fws=0&ohw=0&psts=AEC3cPJxP7lRRJY5ElFBgoyERqWx7OwauXNXxj0c4ue21MwScE6-qdJ026_5QdVbW13FYR2uyTbCeyisl8holVGjXklz7Q&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2aef819cd6a586c7ec28cec5572a182ef761a4103425ef0e9c9eec0a827ca05e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
216
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		405 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=370390444806995&correlator=226001996987965&eid=31069126%2C31062931&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_skin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C4x4&ifi=13&adks=3787344750&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Dd1c1db6dc49d7b38-2287b5ce0ece00c8%3AT%3D1661962582%3AS%3DALNI_MZZ4JngTSL-bVGDckGo9JbZtrqT_A&abxe=1&dt=1661962582788&lmt=1661962582&dlt=1661962581641&idt=513&adxs=0&adys=10774&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=1600x10765&msz=1600x0&fws=0&ohw=0&psts=AEC3cPJxP7lRRJY5ElFBgoyERqWx7OwauXNXxj0c4ue21MwScE6-qdJ026_5QdVbW13FYR2uyTbCeyisl8holVGjXklz7Q&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e18210d414061bf5c4e225f94e1bc4cb4ff600e156f91cf70f440ca1667e120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
215
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		408 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=370390444806995&correlator=226001996987965&eid=31069126%2C31062931&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_sponsor&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x40&ifi=14&adks=1143347988&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Dd1c1db6dc49d7b38-2287b5ce0ece00c8%3AT%3D1661962582%3AS%3DALNI_MZZ4JngTSL-bVGDckGo9JbZtrqT_A&abxe=1&dt=1661962582795&lmt=1661962582&dlt=1661962581641&idt=513&adxs=0&adys=10774&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=1600x10765&msz=1600x0&fws=0&ohw=0&psts=AEC3cPJxP7lRRJY5ElFBgoyERqWx7OwauXNXxj0c4ue21MwScE6-qdJ026_5QdVbW13FYR2uyTbCeyisl8holVGjXklz7Q&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a1f4b0271bbf198f26519fc4862e6a2da9c6b6a98bcdd0d122caa637fbc7900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
216
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ 		411 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=370390444806995&correlator=226001996987965&eid=31069126%2C31062931&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x100%7C970x100&ifi=15&adks=3733977308&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Dd1c1db6dc49d7b38-2287b5ce0ece00c8%3AT%3D1661962582%3AS%3DALNI_MZZ4JngTSL-bVGDckGo9JbZtrqT_A&abxe=1&dt=1661962582827&lmt=1661962582&dlt=1661962581641&idt=513&adxs=640&adys=1095&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&psts=AEC3cPJxP7lRRJY5ElFBgoyERqWx7OwauXNXxj0c4ue21MwScE6-qdJ026_5QdVbW13FYR2uyTbCeyisl8holVGjXklz7Q&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1531db6d549c592856d78d3f285bd13d876027abc063c73dd60e9252cf69f0de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
222
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
teads-format.min.js
a.teads.tv/media/format/v3/ 		600 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/82680/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
99725e21800ccc55e79d462f475db2fec19f1c82057b6b5bc87bdfe5212927d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
br
last-modified
Tue, 23 Aug 2022 13:37:12 GMT
x-amz-request-id
61MWF8QNN3MKJCTE
etag
"64ef8a8414b0709762a104370ec0c6fc"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
0
accept-ranges
bytes
content-length
134075
x-amz-id-2
S8AIPwXc9i8eukCl31hxa1Vjq+1amyt8CMrHeiDNlmnLEI299syiPbcgruHabqb/BFFOHnD9hhI=
expires
Wed, 31 Aug 2022 16:46:22 GMT
asyncspc.php
adserver.latinon.com/revive/www/delivery/ 		640 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver.latinon.com/revive/www/delivery/asyncspc.php?zones=137&prefix=revive-0-&loc=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F
Requested by
Host: adserver.latinon.com
URL: https://adserver.latinon.com/revive/www/delivery/asyncjs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.227.27.145 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ee188e6af35c18a3acb711edca560bb12e0eb56128bccafdfbf0eb16d7bb4950
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:22 GMT
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://www.publinews.gt
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=20
X-Xss-Protection
1; mode=block
Expires
0
widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html
platform.twitter.com/widgets/ Frame 30B1 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwww.publinews.gt
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
37943
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Aug 2022 16:16:22 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Mon, 15 Aug 2022 23:01:14 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6712)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
post
tag.escalated.io/ 		31 B
464 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/post
Requested by
Host: tag.escalated.io
URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.publinews.gt&type=display&cust=7934&sid=direct&c=&cust2=direct
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
5c327b569f692955e64e65cc830aac27433c0c1ecbebf9036d60cc4012137929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
close
Access-Control-Allow-Headers
content-type
Content-Length
51
X-XSS-Protection
1; mode=block
/
www.publinews.gt/gt/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.publinews.gt/gt/
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.publinews.gt/gt/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Cache-Control
max-age=15, s-maxage=0
Server
nginx/1.20.1
Connection
keep-alive
X-XSS-Protection
1; mode=block
Content-Type
text/html; charset=UTF-8
opinion-mariaace%C3%B1a.jpg
static.publinews.gt/2020/06/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/opinion-mariaace%C3%B1a.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
a0aad236d91f8a4ccca9299f760e17fff3a18635872a6e38ae4900eead00cd38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 29 Jun 2020 01:14:43 GMT
Server
nginx/1.20.1
ETag
"5ef94083-18a4"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6308
opinion-josesanabria.jpg
static.publinews.gt/2020/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/opinion-josesanabria.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
3f43187776cc2fd671ed841523cc7bfd3d8d4dc3c0a32e0ae3b1b84e32f6d871

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 29 Jun 2020 01:14:22 GMT
Server
nginx/1.20.1
ETag
"5ef9406e-1426"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5158
opinion-giovannifratti.jpg
static.publinews.gt/2020/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/opinion-giovannifratti.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
1adf337204d2f4cee5264b18e3212be7a93cd619c705e30bf89a3d27192b77f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 29 Jun 2020 01:14:17 GMT
Server
nginx/1.20.1
ETag
"5ef94069-1406"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5126
opinion-default.jpg
static.publinews.gt/2020/06/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/opinion-default.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
3be29565ed74ebe94b47d147f84748dc076566e4348c72db227ad8cf72a75f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 29 Jun 2020 01:13:59 GMT
Server
nginx/1.20.1
ETag
"5ef94057-11a7"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4519
opinion-luisvalenzuela.jpg
static.publinews.gt/2020/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/opinion-luisvalenzuela.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
8195ec559939a3299a302f8e0c182ba87ddc46b9d26de044d2b8b69fd412a645

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:22 GMT
Last-Modified
Mon, 29 Jun 2020 01:14:33 GMT
Server
nginx/1.20.1
ETag
"5ef94079-1358"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4952
pixel
googleads.g.doubleclick.net/xbbe/ Frame D7D2 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXRzBwmJfkTmy14Wy4dUm7-GVYubjbz9iVWeyITr1HW1s9o6a3kcFu5Ag73t2dQ7n8wwVaoKivh0X3Ls-ij1k0sYUcD6fit70MtgtTb0VK1gg9tZN-Dhm8FUt6NjEUvyK5GrxDT3nuWDto-kHoREV1D6LyxrzXX1zXUJxMa6EdixmJzWEY
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 16:16:23 GMT
expires
Wed, 31 Aug 2022 16:16:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 2295 		27 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRY3MRr-aGwPeLQMBFMkN4IqK9lkERsMvvxAvSxnhihdBz3S5us8FzSgu9ZrXxFfnh-RXlU-1IViwrJy8YWQNwsEtutB5mdxZXKA1WkJkosDHKXxmAefTiNU-DDNfu56OFDiSkuQFKlmfw0y8U_jz3vFuDjg&cry=1&dbm_d=AKAmf-Ch8BiMlSMs4LjxpjwQ9m49vZoQRu4-S-D_Zcn_3Rx88hBIr6J3BuhA0MJcLNtPjBgz23cqFaM1Pk9uH8ukBDwnxWIBkCe-hS9OJA5jwzSfwCLMSXhDnZxIgdAYaMgzbXp0foaVLAMtdIwgezVVp3BX_EQ8SLryW2cmsj_vtNanKJgY4QB-BcoOXXtRo-Ur8df2B-mWhQhPsDbNqoO8xDafhHEMae2JnLr6djZC4NKT5mvYrmyFGiHtApRLM6FZdKfeOX-W6X1O4-o4__ZuH-72vp4kFwmw6jZJP5RCdsf984LrEj2gH49bQmguigr4lFAIpNZoTWj3K36kwGKg6M1_FamQEfC50tDypNwJs8dfj3brnk1Hi6IxGoyx-vUz58artix5vegGgHR82mkMrz0Q4ui2h8F7MR0mObOZ1UTzgMs1HVkO_yBZXWZjnCGcpr8DLvcX01Jvk6dNd9p-BRw7chXVXTLxOwLpZSHrHQG8A8x4M0_ILVOXHg--9ucXtlzsfaLWzb7uBk4H_C3rPpX496tv7ZFGQHiHhy4htlz-Hmdc9iyKn_G4cM4kDhcpUrtCJrGSPt1chAaAX6oYLENX4C1b-t5pQygoaLgQv93q9Ov-WY0K2zZyk4u14Q6HlKDzeQ11TFXfmiGoXysEo4U4I7A5oDx80la2-5ycTvMHqFvq1fRHpWweywZjbZSedKiKZZHyJ7yQE46kjSBcmIaaOWcVWwUXmGpD5yUBKTyUDl8yNtoX_V-dWNY0M-hNbhiJWBc_O-PeD4cN5elorlAqd0yhumRFtXvbWPZh6jvFIwpS5EceMb4SbjMPk1_oSI1e3UtfomdANv6eS0s-7XqER72jIE40vqta71Ie7cksMAQW5OzdRV9d1LezTLYQxPdI3K3YFcisLYESIXra-vWv3399CD676zVK0ZO7QfOnVdXU2R7jJTVcL8tCNnsm1BOCigznjeJJgMRmPmI_FyIk_52pb5GB-qHm-jPw3KdrtscZHONwKqCin4UHbVAVLB2q2NY4zxrGFzdJY0RwXSVSKFDLUbElSfyCVNv8erNasIu100ytm7G9cLSfBYL2E7kbrq_JNtS7xDj2XSwcWnJYuK0VVStpB_5xGk-DdaSakopA7tRqL7gpp3J35vpG2LSbw5lBM7Nr91z34Pi56OJocqZx0DGVrRx0hTfCQIDCUat_12D8RfkRp9Cy8l23gmAeJtaIkPNgwV7qTU8a8cUXtoDJtzEHf8vFyjnGpm5lq6YJScibAfRWxx6Jp71FKjprPfktd8WU4vKngb6i43YG1N3oW3qYQ5rewTASsqE6NOCfu1_zui8sz-4JNHn0v-mx8ZL7OgIH7oIdDQoZtmIXbynq8VMulJI_7at1qfp9d3XJGt_seimN9Vm33D5-gpymwKTltBwr-e9PXs7R1DA_JMWMVP5Zsk1WCdcwoAvpIAosOGkUpu9AgMR8AfKs7JjsKJsKsZgUtqNsAF_smZaNzOkKegyX_wPuKH7Ys-i0THOkdEyzn7Zt_p601XdKkGodZ0Uba53GtZyEEF60OqsBPvWzYzU-L629UQtUmhCIPr7nmqumvyOUFs4gjAHaSrg0qKCsmLr2p9qo-mHySe1kiqAjEa7L7xP8NB8I1scWR_Kl4TQbQpBGyVDdy9pIjRDxjfL0fSSZjicHDlZauyhEGlkPdAIRrBbBtKPUgqsUpkjR-WgtctmiD8MfB9fc6H9PZDmi7BMDJctUel49XVsyRqV5uypC5UJM5TjBB0LPefUsesMS06XlRmoL6eFGXz2ngbbAf9PA61BA8SBLPEANmycxCuxLxBurbUHzNd2XG5on_m49y73dfhfyukcfwB3bnGeXPmFHoGALEQ7dukNoNre1kJmSloFtfrdpL4i-TA2hrMSki0fgiNTFIwrWCWOuDidmd2PIlGAzMKYzIw7puff90DDamVddUijZJnsKFjzpmngWAEZsUchBc52x4dM9-pqW3lEBS-4qMqkwYq0IkvEspsCrGiviluFssbTmYvTRj9wlpkVU9AlrYaOEJ0_kV6a7wfSUN5Y6y-V8pzNtttRsy_JCuenV71kvyDFfmFP49_L07GU11KHb1lvbNwMtMSITODDRLwYu1CvG_Sp_XruKGHyBWzGbBFTlzbK7ox7wHT4O-cdAfgU71rfT3k16DJVkytDgvXpUogQ0SC80C3cpiK_2DKklgd9-ujZmunq7SzCmMH29dK2qv_BI6wT-htk7Ghsefxevs3Ceo3qv8ymVFD4b2SrklPkElqn7jpXQiHFyEciAVAmv4O4PR2_f64jkp8f3InIaz_RWyO3w_OEDL9ZqT8SncWlm2eXt4pjVf-7TzF0jhl8EgbP1n2tbB5At3ldbKkFnzCe9iSHtECGbS0NiP8x6r-6et8mlaZsMXuP03NEkspuo1z2qFmsqWgRd19LLb63rKzfaPUbn8rGDhhvtuxmAnYU7ByVOEDmqOuPtpUJULNBB6YwWVaDE8nx2oZsSMSpG6CpLM_YFt0u2QfI68CqJIkNI48AY22v5LubRHYf8X7Sb0lrIvdvjc4R_mwSav25LXQC3gzQx18vjrv-6vTB7-qLvWdcT1nhSZXIrd7B5VvWkGpfr_gNz-VulnWT4az_yd49WRRpQLY5AR70bL-9riwPnsohgjYyrz7nsaX9wFEtfIo39TX5i9D9-LBviDB5sT_8P_Ul_9yT4YucGl601Svbqgj-fZZjL-5_rayP5MbKZeH6bJNZCuIE4NpT82yJeHil0RsWvgxoI-w2AwC0-yQa62PdrABcPoOpPVSyAnUHN7HpXWP76HUpL3T0p8P1CQ0QrxFyrwkCf7P9ChBJa5csHycdZwp3e-CqdAG5jQMIiSf42XG2F3lDc0VWANKsfZob91PWAD1jZkCDZUyCpvZAbLBUuPvMKyAoSibizppXBn4HNdmtTTs4qEVViQBPbmudCSycZkBXxY-9T0TTiFhRtMkoonX0wqeU-Fsm3MibbSG727GP8vby1qDIUvKkhvDKwCtRZgZ3BALv1EdpuM3uW78qufzEFTe2RjojE79tWpngM6H5dLEzI24NTAKu-LCcJ5LUFXQZXbvGIu5WoROvZIRj9X_isn6zCS7FlHQG-8sxmN7n8UY7yacKANN6VccXdyKCB9AQtpkd-BA7Ypk2E6WenUwX3oSYc9X96IxgFbUQ9SFuG5ojsmqI2-C6_FjZNDPDeBj8Dc7mtclvN1jTHkJ191LKT06X8ssr4VdoF3cz4iy4sfx_amp_AROB6-QCMWZtn13xLPMxL3B1BVbeSejt0_2yPEAAsPXTk4w5pSOGR1uuZBAERDsXrGfkodY5kb2RqtphVUsN-C5_nwzYYsV6Bi3yXPCCwaAROzOIVl3dGUroDTFGWDTjgaBzzB51Zz_sAQ9wo49cyEhY2Qmz4kFVKzce4ZWWZ3F6H_oChmUBpVWjLTR0KMXBLPMeMXwstBxkqMRo3kdrtGkV3izwzO2rs9FWB0dA&cid=CAASKORo1ZdXs_-CgFo2R_bb0sZPRHXa9aAQzmxP-9QWQw2TFSstvOX_I8s&rfl=1%2Chttps%253A%252F%252Fwww.publinews.gt%252F%240
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6b60bb64b7adc84348f9e890becec9a80d9cdbd7f5f8f7914253bdaff835dc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16889
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2295 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DtHkjq_Ps8cntgmtxVj-lA0syu_8qeKdGO8xOPqHAas9oSMQ659beZVQy19wqM1x_fnKDNIRFotA8MRt6lHJ6JWn4m_tLd0eSO8IsGxDwivIHbT4Q
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 2295 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
615
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 16:06:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 2295 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 16:13:04 GMT
l
www.google.com/ads/measurement/ Frame 2295 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXYgk04uDrL_J3_M53lLpqD7XZuv1db6HYiwKtbRG-c-CGvqCajhZW0EkN-0cL863UrmGJrXH_hNkHz5Pe5hI0k0vmUw
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2295 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44757
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661773661488070"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 16:16:22 GMT
opinion-chechapaiz-150x150.jpg
static.publinews.gt/2020/06/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-chechapaiz-150x150.jpg
  • https://static.publinews.gt/2020/06/opinion-chechapaiz-150x150.jpg
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/opinion-chechapaiz-150x150.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
6c25b976778ba4a030773a7897d64c44197eb5e393115ff8367c9d78aeffdc3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Mon, 29 Jun 2020 04:38:44 GMT
Server
nginx/1.20.1
ETag
"5ef97054-10c0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4288

Redirect headers

Location
https://static.publinews.gt/2020/06/opinion-chechapaiz-150x150.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
opinion-giovannifratti.jpg
static.publinews.gt/2020/06/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-giovannifratti.jpg
  • https://static.publinews.gt/2020/06/opinion-giovannifratti.jpg
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/opinion-giovannifratti.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
1adf337204d2f4cee5264b18e3212be7a93cd619c705e30bf89a3d27192b77f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Mon, 29 Jun 2020 01:14:17 GMT
Server
nginx/1.20.1
ETag
"5ef94069-1406"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5126

Redirect headers

Location
https://static.publinews.gt/2020/06/opinion-giovannifratti.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
opinion-josesanabria.jpg
static.publinews.gt/2020/06/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-josesanabria.jpg
  • https://static.publinews.gt/2020/06/opinion-josesanabria.jpg
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/opinion-josesanabria.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
3f43187776cc2fd671ed841523cc7bfd3d8d4dc3c0a32e0ae3b1b84e32f6d871

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Mon, 29 Jun 2020 01:14:22 GMT
Server
nginx/1.20.1
ETag
"5ef9406e-1426"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5158

Redirect headers

Location
https://static.publinews.gt/2020/06/opinion-josesanabria.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
opinion-julissamartinez-150x150.jpg
static.publinews.gt/2020/06/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-julissamartinez-150x150.jpg
  • https://static.publinews.gt/2020/06/opinion-julissamartinez-150x150.jpg
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/opinion-julissamartinez-150x150.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
0da563d8fc4e14fac20984e96e83406f2554ee1bef09f5de660a7662c1713ecc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Mon, 29 Jun 2020 04:38:42 GMT
Server
nginx/1.20.1
ETag
"5ef97052-1256"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4694

Redirect headers

Location
https://static.publinews.gt/2020/06/opinion-julissamartinez-150x150.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
opinion-luisvalenzuela.jpg
static.publinews.gt/2020/06/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-luisvalenzuela.jpg
  • https://static.publinews.gt/2020/06/opinion-luisvalenzuela.jpg
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/opinion-luisvalenzuela.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
8195ec559939a3299a302f8e0c182ba87ddc46b9d26de044d2b8b69fd412a645

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Mon, 29 Jun 2020 01:14:33 GMT
Server
nginx/1.20.1
ETag
"5ef94079-1358"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4952

Redirect headers

Location
https://static.publinews.gt/2020/06/opinion-luisvalenzuela.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
opinion-mariaace%C3%B1a.jpg
static.publinews.gt/2020/06/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-mariaace%C3%B1a.jpg
  • https://static.publinews.gt/2020/06/opinion-mariaace%C3%B1a.jpg
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/opinion-mariaace%C3%B1a.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
a0aad236d91f8a4ccca9299f760e17fff3a18635872a6e38ae4900eead00cd38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Mon, 29 Jun 2020 01:14:43 GMT
Server
nginx/1.20.1
ETag
"5ef94083-18a4"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6308

Redirect headers

Location
https://static.publinews.gt/2020/06/opinion-mariaace%C3%B1a.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
opinion-nelsonleal-150x150.jpg
static.publinews.gt/2020/06/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-nelsonleal-150x150.jpg
  • https://static.publinews.gt/2020/06/opinion-nelsonleal-150x150.jpg
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/opinion-nelsonleal-150x150.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e91580f860a460f66df16f1383f3a285780216e698edf0407e07ff45ff1cd0c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Mon, 29 Jun 2020 04:38:41 GMT
Server
nginx/1.20.1
ETag
"5ef97051-1838"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6200

Redirect headers

Location
https://static.publinews.gt/2020/06/opinion-nelsonleal-150x150.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
opinion-paolarivano.jpg
static.publinews.gt/2020/06/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-paolarivano.jpg
  • https://static.publinews.gt/2020/06/opinion-paolarivano.jpg
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2020/06/opinion-paolarivano.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
cf85242e9b3ceb7147907911c2f6a14da84b99d06aba24c4daad28cbbf93209b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Mon, 29 Jun 2020 01:14:53 GMT
Server
nginx/1.20.1
ETag
"5ef9408d-181a"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6170

Redirect headers

Location
https://static.publinews.gt/2020/06/opinion-paolarivano.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
NIN%CC%83O-CREA-SU-PROPIO-A%CC%81LBUM-DEL-MUNDIAL-640x576.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/NIN%CC%83O-CREA-SU-PROPIO-A%CC%81LBUM-DEL-MUNDIAL-640x576.jpg
  • https://static.publinews.gt/2022/08/NIN%CC%83O-CREA-SU-PROPIO-A%CC%81LBUM-DEL-MUNDIAL-640x576.jpg
42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/NIN%CC%83O-CREA-SU-PROPIO-A%CC%81LBUM-DEL-MUNDIAL-640x576.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
9f9fdc49f32f71acb66c5ecce0ebc7724952ba9147196f3d2b46d2c783e0bade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Wed, 31 Aug 2022 15:44:20 GMT
Server
nginx/1.20.1
ETag
"630f81d4-a86f"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43119

Redirect headers

Location
https://static.publinews.gt/2022/08/NIN%CC%83O-CREA-SU-PROPIO-A%CC%81LBUM-DEL-MUNDIAL-640x576.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
aparicio-lynner-414x232.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/aparicio-lynner-414x232.jpg
  • https://static.publinews.gt/2022/08/aparicio-lynner-414x232.jpg
17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/aparicio-lynner-414x232.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
fb98c93cbc8f3b8213bcf9b5e149a22210238854b41e7cd1b6c05b89765e86b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Wed, 31 Aug 2022 15:21:48 GMT
Server
nginx/1.20.1
ETag
"630f7c8c-45f0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17904

Redirect headers

Location
https://static.publinews.gt/2022/08/aparicio-lynner-414x232.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
visita-de-infantino-a-Guatemala-1-414x232.jpeg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/visita-de-infantino-a-Guatemala-1-414x232.jpeg
  • https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-414x232.jpeg
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-414x232.jpeg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
0f5e3f3cdc5c53c1abc30a8519e086fed3793f2f580ecee4a9b34fc2c40d8892

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 30 Aug 2022 20:59:19 GMT
Server
nginx/1.20.1
ETag
"630e7a27-38d6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14550

Redirect headers

Location
https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-414x232.jpeg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
gianni-infantino-presidente-fifa-anima-guatemala-clasificar-mundial-publinews--414x232.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/gianni-infantino-presidente-fifa-anima-guatemala-clasificar-mundial-publinews--414x232.jpg
  • https://static.publinews.gt/2022/08/gianni-infantino-presidente-fifa-anima-guatemala-clasificar-mundial-publinews--414x232.jpg
14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/gianni-infantino-presidente-fifa-anima-guatemala-clasificar-mundial-publinews--414x232.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
dfaaebdec60dc0454116815d8287e7975ba3ce5b6b575cbf4a301d251b4947b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Wed, 31 Aug 2022 00:48:31 GMT
Server
nginx/1.20.1
ETag
"630eafdf-39dc"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14812

Redirect headers

Location
https://static.publinews.gt/2022/08/gianni-infantino-presidente-fifa-anima-guatemala-clasificar-mundial-publinews--414x232.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
visita-de-infantino-a-Guatemala-1-640x640.jpeg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/visita-de-infantino-a-Guatemala-1-640x640.jpeg
  • https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-640x640.jpeg
36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-640x640.jpeg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
d77df218a292b8f67740205b6d1dc75666f15f1645b95519b7bef5f161a0f8f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 30 Aug 2022 20:59:19 GMT
Server
nginx/1.20.1
ETag
"630e7a27-8f58"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36696

Redirect headers

Location
https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-640x640.jpeg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
gianni-infantino-presidente-de-FIFA-visita-guatemala-publinews--414x232.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/gianni-infantino-presidente-de-FIFA-visita-guatemala-publinews--414x232.jpg
  • https://static.publinews.gt/2022/08/gianni-infantino-presidente-de-FIFA-visita-guatemala-publinews--414x232.jpg
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/gianni-infantino-presidente-de-FIFA-visita-guatemala-publinews--414x232.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
6eb371fe2cdba0f5fae6d062346e86535f2c667b80e23c4c65cd3fd24be65cef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 30 Aug 2022 22:24:51 GMT
Server
nginx/1.20.1
ETag
"630e8e33-349d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13469

Redirect headers

Location
https://static.publinews.gt/2022/08/gianni-infantino-presidente-de-FIFA-visita-guatemala-publinews--414x232.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
eugenio-derbez-comediante-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/eugenio-derbez-comediante-300x168.jpg
  • https://static.publinews.gt/2022/08/eugenio-derbez-comediante-300x168.jpg
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/eugenio-derbez-comediante-300x168.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
5d4738110b480f423e4f0c054dd3444f7eb0388186dd356a8c171f26db1faaef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 30 Aug 2022 03:19:36 GMT
Server
nginx/1.20.1
ETag
"630d81c8-1f35"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7989

Redirect headers

Location
https://static.publinews.gt/2022/08/eugenio-derbez-comediante-300x168.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Presentador-de-La-Academia-acciona-contra-mujer-que-lo-acusa-de-abuso-sexual-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Presentador-de-La-Academia-acciona-contra-mujer-que-lo-acusa-de-abuso-sexual-187x140.jpg
  • https://static.publinews.gt/2022/08/Presentador-de-La-Academia-acciona-contra-mujer-que-lo-acusa-de-abuso-sexual-187x140.jpg
9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/Presentador-de-La-Academia-acciona-contra-mujer-que-lo-acusa-de-abuso-sexual-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
880249a25ca053564710985b7a778579dc4839896e16b063816f9b068de5f1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Wed, 31 Aug 2022 14:27:03 GMT
Server
nginx/1.20.1
ETag
"630f6fb7-2231"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8753

Redirect headers

Location
https://static.publinews.gt/2022/08/Presentador-de-La-Academia-acciona-contra-mujer-que-lo-acusa-de-abuso-sexual-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
yailin-la-mas-viral-publinews-1-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/yailin-la-mas-viral-publinews-1-187x140.jpg
  • https://static.publinews.gt/2022/08/yailin-la-mas-viral-publinews-1-187x140.jpg
6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/yailin-la-mas-viral-publinews-1-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
37af9af0b46dbfcd7484c63a7436233e85730db5241bcab7aa6f84fdfd11b931

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Wed, 31 Aug 2022 00:50:57 GMT
Server
nginx/1.20.1
ETag
"630eb071-19d1"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6609

Redirect headers

Location
https://static.publinews.gt/2022/08/yailin-la-mas-viral-publinews-1-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
georgina-rodriguez-publinews-1-1-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/georgina-rodriguez-publinews-1-1-187x140.jpg
  • https://static.publinews.gt/2022/08/georgina-rodriguez-publinews-1-1-187x140.jpg
9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/georgina-rodriguez-publinews-1-1-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
3be60f209c08e90c16558d5d32d6953439f287f5c88565c2e43cdcb40d6c3d58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Wed, 31 Aug 2022 00:24:17 GMT
Server
nginx/1.20.1
ETag
"630eaa31-2446"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9286

Redirect headers

Location
https://static.publinews.gt/2022/08/georgina-rodriguez-publinews-1-1-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Van-Gogh-Suen%CC%83o-Inmersivo-publinews-1-300x300.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Van-Gogh-Suen%CC%83o-Inmersivo-publinews-1-300x300.jpg
  • https://static.publinews.gt/2022/08/Van-Gogh-Suen%CC%83o-Inmersivo-publinews-1-300x300.jpg
24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/Van-Gogh-Suen%CC%83o-Inmersivo-publinews-1-300x300.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
364d1741b1499d9100a6b2324534a452e66a45f392481cec3f62e70e76da1419

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 30 Aug 2022 23:33:22 GMT
Server
nginx/1.20.1
ETag
"630e9e42-60cd"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24781

Redirect headers

Location
https://static.publinews.gt/2022/08/Van-Gogh-Suen%CC%83o-Inmersivo-publinews-1-300x300.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Cesia-y-Andre%CC%81s-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Cesia-y-Andre%CC%81s-187x140.jpg
  • https://static.publinews.gt/2022/08/Cesia-y-Andre%CC%81s-187x140.jpg
7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/Cesia-y-Andre%CC%81s-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
487c60b5e53c1d237b331698067d65073bf3bce979a6149ec0c12b622efc819f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 30 Aug 2022 22:55:43 GMT
Server
nginx/1.20.1
ETag
"630e956f-1dfd"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7677

Redirect headers

Location
https://static.publinews.gt/2022/08/Cesia-y-Andre%CC%81s-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
eugenioderbezyal-03e2ad4f6af7ed3584aa69493660eb43-187x140.jpg
static.publinews.gt/2019/12/24/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2019/12/24/eugenioderbezyal-03e2ad4f6af7ed3584aa69493660eb43-187x140.jpg
  • https://static.publinews.gt/2019/12/24/eugenioderbezyal-03e2ad4f6af7ed3584aa69493660eb43-187x140.jpg
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2019/12/24/eugenioderbezyal-03e2ad4f6af7ed3584aa69493660eb43-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
9af9b37392830c3d27d0370c7e36fe4a21ff49ef2a0465d3ea33ab9c8a537595

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Sun, 12 Jul 2020 20:28:20 GMT
Server
nginx/1.20.1
ETag
"5f0b7264-27a0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10144

Redirect headers

Location
https://static.publinews.gt/2019/12/24/eugenioderbezyal-03e2ad4f6af7ed3584aa69493660eb43-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
ashleygrahamencienderedessexybailelenceria-cf27fce9cade7c55f7f799b5bdaf1214-187x140.jpg
static.publinews.gt/2018/01/17/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2018/01/17/ashleygrahamencienderedessexybailelenceria-cf27fce9cade7c55f7f799b5bdaf1214-187x140.jpg
  • https://static.publinews.gt/2018/01/17/ashleygrahamencienderedessexybailelenceria-cf27fce9cade7c55f7f799b5bdaf1214-187x140.jpg
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2018/01/17/ashleygrahamencienderedessexybailelenceria-cf27fce9cade7c55f7f799b5bdaf1214-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
07253e76af1894dfbbca9fddb53ed63c85e95d1b55ff082b7e469baef6a984d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Sun, 05 Jul 2020 02:02:31 GMT
Server
nginx/1.20.1
ETag
"5f0134b7-16f6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5878

Redirect headers

Location
https://static.publinews.gt/2018/01/17/ashleygrahamencienderedessexybailelenceria-cf27fce9cade7c55f7f799b5bdaf1214-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
laura-flores-300x168.jpg
static.publinews.gt/2017/08/23/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2017/08/23/laura-flores-300x168.jpg
  • https://static.publinews.gt/2017/08/23/laura-flores-300x168.jpg
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2017/08/23/laura-flores-300x168.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e38e2116e7fcecafc78b089ca5d6e23cb944090acae7e75dd87ccb1c776a1849

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 14 Jul 2020 03:25:34 GMT
Server
nginx/1.20.1
ETag
"5f0d25ae-1ccc"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7372

Redirect headers

Location
https://static.publinews.gt/2017/08/23/laura-flores-300x168.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Clara-Chia-Marti-y-Gerard-Pique-414x232.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Clara-Chia-Marti-y-Gerard-Pique-414x232.jpg
  • https://static.publinews.gt/2022/08/Clara-Chia-Marti-y-Gerard-Pique-414x232.jpg
22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/Clara-Chia-Marti-y-Gerard-Pique-414x232.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
50c64c30ceeb83775f2b933b917c3657f818dfd38cad2180b0f2d262b1157e63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 30 Aug 2022 14:20:37 GMT
Server
nginx/1.20.1
ETag
"630e1cb5-56a6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22182

Redirect headers

Location
https://static.publinews.gt/2022/08/Clara-Chia-Marti-y-Gerard-Pique-414x232.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Robert-Lupone-los-soprano-187x140.png
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Robert-Lupone-los-soprano-187x140.png
  • https://static.publinews.gt/2022/08/Robert-Lupone-los-soprano-187x140.png
65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/Robert-Lupone-los-soprano-187x140.png
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
c86748710e797c6d7933b864f62834904876163ae177570a332a2c477ad6aca6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 30 Aug 2022 13:51:38 GMT
Server
nginx/1.20.1
ETag
"630e15ea-102a2"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66210

Redirect headers

Location
https://static.publinews.gt/2022/08/Robert-Lupone-los-soprano-187x140.png
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
eugenio-derbez-comediante-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/eugenio-derbez-comediante-187x140.jpg
  • https://static.publinews.gt/2022/08/eugenio-derbez-comediante-187x140.jpg
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/eugenio-derbez-comediante-187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
76932632c4ba6d864a00b6341a9d5460f9b44ff952e478c47e68ffe664624efb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 30 Aug 2022 03:19:36 GMT
Server
nginx/1.20.1
ETag
"630d81c8-14ca"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5322

Redirect headers

Location
https://static.publinews.gt/2022/08/eugenio-derbez-comediante-187x140.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
arturo-lopez-gavito-publinews-1-414x232.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/arturo-lopez-gavito-publinews-1-414x232.jpg
  • https://static.publinews.gt/2022/08/arturo-lopez-gavito-publinews-1-414x232.jpg
8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/arturo-lopez-gavito-publinews-1-414x232.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
2165620fa9b4145a3e19a084e259da7f094390109f8742410ebd36d8899c3e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 30 Aug 2022 00:56:36 GMT
Server
nginx/1.20.1
ETag
"630d6044-2191"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8593

Redirect headers

Location
https://static.publinews.gt/2022/08/arturo-lopez-gavito-publinews-1-414x232.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
House-Of-the-Drago%CC%81n-publinews--187x140.png
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/House-Of-the-Drago%CC%81n-publinews--187x140.png
  • https://static.publinews.gt/2022/08/House-Of-the-Drago%CC%81n-publinews--187x140.png
46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/House-Of-the-Drago%CC%81n-publinews--187x140.png
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
9251eeb3c03ab159a47dffd5e5740756c82f088da7b82d17541395ff101f227d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 30 Aug 2022 00:29:22 GMT
Server
nginx/1.20.1
ETag
"630d59e2-b887"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47239

Redirect headers

Location
https://static.publinews.gt/2022/08/House-Of-the-Drago%CC%81n-publinews--187x140.png
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
danna-paola-publinews--187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/danna-paola-publinews--187x140.jpg
  • https://static.publinews.gt/2022/08/danna-paola-publinews--187x140.jpg
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/danna-paola-publinews--187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
0f8794ef6a720afcd13b0681fd4d770447a5095d7e60330c52762bc8083d7953

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 30 Aug 2022 00:12:11 GMT
Server
nginx/1.20.1
ETag
"630d55db-1664"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5732

Redirect headers

Location
https://static.publinews.gt/2022/08/danna-paola-publinews--187x140.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
PORTADA-PUBLINEWS-31-AGOSTO-2022.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/PORTADA-PUBLINEWS-31-AGOSTO-2022.jpg
  • https://static.publinews.gt/2022/08/PORTADA-PUBLINEWS-31-AGOSTO-2022.jpg
441 KB
441 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/PORTADA-PUBLINEWS-31-AGOSTO-2022.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
fc80d7c8c7af5d54f59d93bbbbb74c35d7834a85f3d363240fc0bca8bc43a1fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Wed, 31 Aug 2022 08:03:42 GMT
Server
nginx/1.20.1
ETag
"630f15de-6e2e6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
451302

Redirect headers

Location
https://static.publinews.gt/2022/08/PORTADA-PUBLINEWS-31-AGOSTO-2022.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
espacio-ocupacional-restaurante-quetzaltenango-300x300.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/espacio-ocupacional-restaurante-quetzaltenango-300x300.jpg
  • https://static.publinews.gt/2022/08/espacio-ocupacional-restaurante-quetzaltenango-300x300.jpg
12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/espacio-ocupacional-restaurante-quetzaltenango-300x300.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
f1887d08d005e0cb9f16eaffa7914de0f834f4292835a69561adad05b36b2436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Wed, 31 Aug 2022 14:40:16 GMT
Server
nginx/1.20.1
ETag
"630f72d0-31c5"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12741

Redirect headers

Location
https://static.publinews.gt/2022/08/espacio-ocupacional-restaurante-quetzaltenango-300x300.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
El-Chavo-del-8-don-Ramo%CC%81n-y-la-Chilindrina-se-lucieron-con-un-gran-show.--300x168.png
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/El-Chavo-del-8-don-Ramo%CC%81n-y-la-Chilindrina-se-lucieron-con-un-gran-show.--300x168.png
  • https://static.publinews.gt/2022/08/El-Chavo-del-8-don-Ramo%CC%81n-y-la-Chilindrina-se-lucieron-con-un-gran-show.--300x168.png
73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/El-Chavo-del-8-don-Ramo%CC%81n-y-la-Chilindrina-se-lucieron-con-un-gran-show.--300x168.png
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
adb44f29ca95e43406f4c3434262b8e3016a378ee2e51223fd11ef3c79a6f5b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 30 Aug 2022 22:36:56 GMT
Server
nginx/1.20.1
ETag
"630e9108-12234"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74292

Redirect headers

Location
https://static.publinews.gt/2022/08/El-Chavo-del-8-don-Ramo%CC%81n-y-la-Chilindrina-se-lucieron-con-un-gran-show.--300x168.png
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Reunio%CC%81n-escolar-termina-en-pelea-campal--187x140.png
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Reunio%CC%81n-escolar-termina-en-pelea-campal--187x140.png
  • https://static.publinews.gt/2022/08/Reunio%CC%81n-escolar-termina-en-pelea-campal--187x140.png
43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/Reunio%CC%81n-escolar-termina-en-pelea-campal--187x140.png
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
d78ccee2910b62b729634ed37d0000e39dd0092cf3f278247668af30c0108f2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 30 Aug 2022 22:22:21 GMT
Server
nginx/1.20.1
ETag
"630e8d9d-ab2c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43820

Redirect headers

Location
https://static.publinews.gt/2022/08/Reunio%CC%81n-escolar-termina-en-pelea-campal--187x140.png
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Se-hace-viral-un-extran%CC%83o-animal-con-apariencia-de-perro-187x140.png
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Se-hace-viral-un-extran%CC%83o-animal-con-apariencia-de-perro-187x140.png
  • https://static.publinews.gt/2022/08/Se-hace-viral-un-extran%CC%83o-animal-con-apariencia-de-perro-187x140.png
48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/Se-hace-viral-un-extran%CC%83o-animal-con-apariencia-de-perro-187x140.png
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
2e5e3213e89839fadc122682148b6f08fc41eb2f2ff8d8a3be8314e936df6368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Mon, 29 Aug 2022 13:23:38 GMT
Server
nginx/1.20.1
ETag
"630cbdda-c1a4"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49572

Redirect headers

Location
https://static.publinews.gt/2022/08/Se-hace-viral-un-extran%CC%83o-animal-con-apariencia-de-perro-187x140.png
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Maestra-reprueba-a-alumna-por-entregar-tarea-con-lenguaje-inclusivo22--187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Maestra-reprueba-a-alumna-por-entregar-tarea-con-lenguaje-inclusivo22--187x140.jpg
  • https://static.publinews.gt/2022/08/Maestra-reprueba-a-alumna-por-entregar-tarea-con-lenguaje-inclusivo22--187x140.jpg
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/Maestra-reprueba-a-alumna-por-entregar-tarea-con-lenguaje-inclusivo22--187x140.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
8167cf5c527ce9551e0fc2e7bd7b315a9ef815d7f91f3338351bd498af468336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Sun, 28 Aug 2022 22:22:11 GMT
Server
nginx/1.20.1
ETag
"630bea93-14d4"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5332

Redirect headers

Location
https://static.publinews.gt/2022/08/Maestra-reprueba-a-alumna-por-entregar-tarea-con-lenguaje-inclusivo22--187x140.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Nin%CC%83a-de-2-an%CC%83os-mata-a-mordidas-a-una-serpiente-que-la-mordio%CC%81-primero-300x300.png
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Nin%CC%83a-de-2-an%CC%83os-mata-a-mordidas-a-una-serpiente-que-la-mordio%CC%81-primero-300x300.png
  • https://static.publinews.gt/2022/08/Nin%CC%83a-de-2-an%CC%83os-mata-a-mordidas-a-una-serpiente-que-la-mordio%CC%81-primero-300x300.png
132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/Nin%CC%83a-de-2-an%CC%83os-mata-a-mordidas-a-una-serpiente-que-la-mordio%CC%81-primero-300x300.png
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
cd82d566535d0b66758f1b99b889967cd6828985bc98bfa0a4c7551f41fcd032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Sun, 28 Aug 2022 21:32:16 GMT
Server
nginx/1.20.1
ETag
"630bdee0-21097"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
135319

Redirect headers

Location
https://static.publinews.gt/2022/08/Nin%CC%83a-de-2-an%CC%83os-mata-a-mordidas-a-una-serpiente-que-la-mordio%CC%81-primero-300x300.png
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Conductor-impacto%CC%81-su-auto-contra-vivienda-y-llego%CC%81-hasta-la-cocina-300x300.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/Conductor-impacto%CC%81-su-auto-contra-vivienda-y-llego%CC%81-hasta-la-cocina-300x300.jpg
  • https://static.publinews.gt/2022/08/Conductor-impacto%CC%81-su-auto-contra-vivienda-y-llego%CC%81-hasta-la-cocina-300x300.jpg
24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/Conductor-impacto%CC%81-su-auto-contra-vivienda-y-llego%CC%81-hasta-la-cocina-300x300.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
a753f298789dae8ad91548a345d839638170cd51ae74260c2f262492e8751072

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Sat, 27 Aug 2022 18:50:48 GMT
Server
nginx/1.20.1
ETag
"630a6788-6186"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24966

Redirect headers

Location
https://static.publinews.gt/2022/08/Conductor-impacto%CC%81-su-auto-contra-vivienda-y-llego%CC%81-hasta-la-cocina-300x300.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
descubre-mcdonalandia-mcdonalds-zona-juegos-amenidades-naranjo-mall-publinews-1-300x300.jpeg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/descubre-mcdonalandia-mcdonalds-zona-juegos-amenidades-naranjo-mall-publinews-1-300x300.jpeg
  • https://static.publinews.gt/2022/08/descubre-mcdonalandia-mcdonalds-zona-juegos-amenidades-naranjo-mall-publinews-1-300x300.jpeg
30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/descubre-mcdonalandia-mcdonalds-zona-juegos-amenidades-naranjo-mall-publinews-1-300x300.jpeg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
488866fa28bf7969cb05e48b0842dd23c409c8fcb15351df0c5b3cac4219a617

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Fri, 26 Aug 2022 16:45:07 GMT
Server
nginx/1.20.1
ETag
"6308f893-770d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30477

Redirect headers

Location
https://static.publinews.gt/2022/08/descubre-mcdonalandia-mcdonalds-zona-juegos-amenidades-naranjo-mall-publinews-1-300x300.jpeg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
comex-llena-de-color-mirador-las-nubes-solola-emisoras-unidas-publinews-1-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/comex-llena-de-color-mirador-las-nubes-solola-emisoras-unidas-publinews-1-300x168.jpg
  • https://static.publinews.gt/2022/08/comex-llena-de-color-mirador-las-nubes-solola-emisoras-unidas-publinews-1-300x168.jpg
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/comex-llena-de-color-mirador-las-nubes-solola-emisoras-unidas-publinews-1-300x168.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
59706d892b5158ca9fd1f3ea8b33035ea4894e449cbb06fe42e7ef2e93f4af6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Fri, 26 Aug 2022 19:08:52 GMT
Server
nginx/1.20.1
ETag
"63091a44-3321"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13089

Redirect headers

Location
https://static.publinews.gt/2022/08/comex-llena-de-color-mirador-las-nubes-solola-emisoras-unidas-publinews-1-300x168.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
participa-la-ruta-al-bienestar-financiero-bam-museo-ferrocarril-guatemala-publinews-11-300x168.png
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/participa-la-ruta-al-bienestar-financiero-bam-museo-ferrocarril-guatemala-publinews-11-300x168.png
  • https://static.publinews.gt/2022/08/participa-la-ruta-al-bienestar-financiero-bam-museo-ferrocarril-guatemala-publinews-11-300x168.png
91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/participa-la-ruta-al-bienestar-financiero-bam-museo-ferrocarril-guatemala-publinews-11-300x168.png
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
c9d8d2e92dd150ea79a80180174ddd106e3c5d2b27fb1511771e9dfba9428fed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Thu, 18 Aug 2022 17:13:03 GMT
Server
nginx/1.20.1
ETag
"62fe731f-16d58"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93528

Redirect headers

Location
https://static.publinews.gt/2022/08/participa-la-ruta-al-bienestar-financiero-bam-museo-ferrocarril-guatemala-publinews-11-300x168.png
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
anuncian-la-decima-edicion-del-training-day-en-guatemala-publinews-emisoras-unidas-1-1-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/anuncian-la-decima-edicion-del-training-day-en-guatemala-publinews-emisoras-unidas-1-1-300x168.jpg
  • https://static.publinews.gt/2022/08/anuncian-la-decima-edicion-del-training-day-en-guatemala-publinews-emisoras-unidas-1-1-300x168.jpg
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/anuncian-la-decima-edicion-del-training-day-en-guatemala-publinews-emisoras-unidas-1-1-300x168.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
60cd5f5fd4564d87050ccdebef5e222235df46c8749240a0564eb34f1644648b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Tue, 23 Aug 2022 21:41:30 GMT
Server
nginx/1.20.1
ETag
"6305498a-33d5"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13269

Redirect headers

Location
https://static.publinews.gt/2022/08/anuncian-la-decima-edicion-del-training-day-en-guatemala-publinews-emisoras-unidas-1-1-300x168.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
tarjetas-cuscatlan-presenta-multipuntos-nuevo-programa-lealtad-emisoras-unidas-publinews-3-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain
  • https://www.publinews.gt/gt/wp-content/uploads/2022/08/tarjetas-cuscatlan-presenta-multipuntos-nuevo-programa-lealtad-emisoras-unidas-publinews-3-300x168.jpg
  • https://static.publinews.gt/2022/08/tarjetas-cuscatlan-presenta-multipuntos-nuevo-programa-lealtad-emisoras-unidas-publinews-3-300x168.jpg
18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.publinews.gt/2022/08/tarjetas-cuscatlan-presenta-multipuntos-nuevo-programa-lealtad-emisoras-unidas-publinews-3-300x168.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Server
49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.125.12.49.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
305fdde3249b89d0bddbadce2a090ea2877549b9f6ac836375f58f682cc84ce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Thu, 18 Aug 2022 17:52:10 GMT
Server
nginx/1.20.1
ETag
"62fe7c4a-48a8"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18600

Redirect headers

Location
https://static.publinews.gt/2022/08/tarjetas-cuscatlan-presenta-multipuntos-nuevo-programa-lealtad-emisoras-unidas-publinews-3-300x168.jpg
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
spt
tg1.aniview.com/api/adserver/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=62a37b4eabc9f014c02c6f24&AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Requested by
Host: adserver.latinon.com
URL: https://adserver.latinon.com/revive/www/delivery/asyncjs.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
01c092c7a79dd6d4fb813d4203947f714b92d34e7bffcae27cd4557155b1e964

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
4770
Expires
Wed, 31 Aug 2022 16:21:23 GMT
lg.php
adserver.latinon.com/revive/www/delivery/ 		43 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adserver.latinon.com/revive/www/delivery/lg.php?bannerid=4054&campaignid=125&zoneid=137&loc=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&cb=70d6a1b6e8
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.227.27.145 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:23 GMT
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=20
X-Xss-Protection
1; mode=block
Expires
0
a5c969ce-c524-4e2e-b30d-5b1dbb6b4756
https://www.publinews.gt/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.publinews.gt/a5c969ce-c524-4e2e-b30d-5b1dbb6b4756
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
91e24085-a870-4e97-99cd-05acde064906
https://www.publinews.gt/ 		245 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.publinews.gt/91e24085-a870-4e97-99cd-05acde064906
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
container.html
b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0681 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 16:16:22 GMT
expires
Thu, 31 Aug 2023 16:16:22 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
settings
syndication.twitter.com/ Frame 30B1 		709 B
589 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=147a02f0d19ff09125b09e9c7a4d047b596aa85a
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwww.publinews.gt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-response-time
119
date
Wed, 31 Aug 2022 16:16:22 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 16:16:23 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
2f259f94a17e2ea9dbe19c47c0803ce3c3dbd00f780d177cf6f50e55a674a06c
content-length
308
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame 2295 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRY3MRr-aGwPeLQMBFMkN4IqK9lkERsMvvxAvSxnhihdBz3S5us8FzSgu9ZrXxFfnh-RXlU-1IViwrJy8YWQNwsEtutB5mdxZXKA1WkJkosDHKXxmAefTiNU-DDNfu56OFDiSkuQFKlmfw0y8U_jz3vFuDjg&cry=1&dbm_d=AKAmf-Ch8BiMlSMs4LjxpjwQ9m49vZoQRu4-S-D_Zcn_3Rx88hBIr6J3BuhA0MJcLNtPjBgz23cqFaM1Pk9uH8ukBDwnxWIBkCe-hS9OJA5jwzSfwCLMSXhDnZxIgdAYaMgzbXp0foaVLAMtdIwgezVVp3BX_EQ8SLryW2cmsj_vtNanKJgY4QB-BcoOXXtRo-Ur8df2B-mWhQhPsDbNqoO8xDafhHEMae2JnLr6djZC4NKT5mvYrmyFGiHtApRLM6FZdKfeOX-W6X1O4-o4__ZuH-72vp4kFwmw6jZJP5RCdsf984LrEj2gH49bQmguigr4lFAIpNZoTWj3K36kwGKg6M1_FamQEfC50tDypNwJs8dfj3brnk1Hi6IxGoyx-vUz58artix5vegGgHR82mkMrz0Q4ui2h8F7MR0mObOZ1UTzgMs1HVkO_yBZXWZjnCGcpr8DLvcX01Jvk6dNd9p-BRw7chXVXTLxOwLpZSHrHQG8A8x4M0_ILVOXHg--9ucXtlzsfaLWzb7uBk4H_C3rPpX496tv7ZFGQHiHhy4htlz-Hmdc9iyKn_G4cM4kDhcpUrtCJrGSPt1chAaAX6oYLENX4C1b-t5pQygoaLgQv93q9Ov-WY0K2zZyk4u14Q6HlKDzeQ11TFXfmiGoXysEo4U4I7A5oDx80la2-5ycTvMHqFvq1fRHpWweywZjbZSedKiKZZHyJ7yQE46kjSBcmIaaOWcVWwUXmGpD5yUBKTyUDl8yNtoX_V-dWNY0M-hNbhiJWBc_O-PeD4cN5elorlAqd0yhumRFtXvbWPZh6jvFIwpS5EceMb4SbjMPk1_oSI1e3UtfomdANv6eS0s-7XqER72jIE40vqta71Ie7cksMAQW5OzdRV9d1LezTLYQxPdI3K3YFcisLYESIXra-vWv3399CD676zVK0ZO7QfOnVdXU2R7jJTVcL8tCNnsm1BOCigznjeJJgMRmPmI_FyIk_52pb5GB-qHm-jPw3KdrtscZHONwKqCin4UHbVAVLB2q2NY4zxrGFzdJY0RwXSVSKFDLUbElSfyCVNv8erNasIu100ytm7G9cLSfBYL2E7kbrq_JNtS7xDj2XSwcWnJYuK0VVStpB_5xGk-DdaSakopA7tRqL7gpp3J35vpG2LSbw5lBM7Nr91z34Pi56OJocqZx0DGVrRx0hTfCQIDCUat_12D8RfkRp9Cy8l23gmAeJtaIkPNgwV7qTU8a8cUXtoDJtzEHf8vFyjnGpm5lq6YJScibAfRWxx6Jp71FKjprPfktd8WU4vKngb6i43YG1N3oW3qYQ5rewTASsqE6NOCfu1_zui8sz-4JNHn0v-mx8ZL7OgIH7oIdDQoZtmIXbynq8VMulJI_7at1qfp9d3XJGt_seimN9Vm33D5-gpymwKTltBwr-e9PXs7R1DA_JMWMVP5Zsk1WCdcwoAvpIAosOGkUpu9AgMR8AfKs7JjsKJsKsZgUtqNsAF_smZaNzOkKegyX_wPuKH7Ys-i0THOkdEyzn7Zt_p601XdKkGodZ0Uba53GtZyEEF60OqsBPvWzYzU-L629UQtUmhCIPr7nmqumvyOUFs4gjAHaSrg0qKCsmLr2p9qo-mHySe1kiqAjEa7L7xP8NB8I1scWR_Kl4TQbQpBGyVDdy9pIjRDxjfL0fSSZjicHDlZauyhEGlkPdAIRrBbBtKPUgqsUpkjR-WgtctmiD8MfB9fc6H9PZDmi7BMDJctUel49XVsyRqV5uypC5UJM5TjBB0LPefUsesMS06XlRmoL6eFGXz2ngbbAf9PA61BA8SBLPEANmycxCuxLxBurbUHzNd2XG5on_m49y73dfhfyukcfwB3bnGeXPmFHoGALEQ7dukNoNre1kJmSloFtfrdpL4i-TA2hrMSki0fgiNTFIwrWCWOuDidmd2PIlGAzMKYzIw7puff90DDamVddUijZJnsKFjzpmngWAEZsUchBc52x4dM9-pqW3lEBS-4qMqkwYq0IkvEspsCrGiviluFssbTmYvTRj9wlpkVU9AlrYaOEJ0_kV6a7wfSUN5Y6y-V8pzNtttRsy_JCuenV71kvyDFfmFP49_L07GU11KHb1lvbNwMtMSITODDRLwYu1CvG_Sp_XruKGHyBWzGbBFTlzbK7ox7wHT4O-cdAfgU71rfT3k16DJVkytDgvXpUogQ0SC80C3cpiK_2DKklgd9-ujZmunq7SzCmMH29dK2qv_BI6wT-htk7Ghsefxevs3Ceo3qv8ymVFD4b2SrklPkElqn7jpXQiHFyEciAVAmv4O4PR2_f64jkp8f3InIaz_RWyO3w_OEDL9ZqT8SncWlm2eXt4pjVf-7TzF0jhl8EgbP1n2tbB5At3ldbKkFnzCe9iSHtECGbS0NiP8x6r-6et8mlaZsMXuP03NEkspuo1z2qFmsqWgRd19LLb63rKzfaPUbn8rGDhhvtuxmAnYU7ByVOEDmqOuPtpUJULNBB6YwWVaDE8nx2oZsSMSpG6CpLM_YFt0u2QfI68CqJIkNI48AY22v5LubRHYf8X7Sb0lrIvdvjc4R_mwSav25LXQC3gzQx18vjrv-6vTB7-qLvWdcT1nhSZXIrd7B5VvWkGpfr_gNz-VulnWT4az_yd49WRRpQLY5AR70bL-9riwPnsohgjYyrz7nsaX9wFEtfIo39TX5i9D9-LBviDB5sT_8P_Ul_9yT4YucGl601Svbqgj-fZZjL-5_rayP5MbKZeH6bJNZCuIE4NpT82yJeHil0RsWvgxoI-w2AwC0-yQa62PdrABcPoOpPVSyAnUHN7HpXWP76HUpL3T0p8P1CQ0QrxFyrwkCf7P9ChBJa5csHycdZwp3e-CqdAG5jQMIiSf42XG2F3lDc0VWANKsfZob91PWAD1jZkCDZUyCpvZAbLBUuPvMKyAoSibizppXBn4HNdmtTTs4qEVViQBPbmudCSycZkBXxY-9T0TTiFhRtMkoonX0wqeU-Fsm3MibbSG727GP8vby1qDIUvKkhvDKwCtRZgZ3BALv1EdpuM3uW78qufzEFTe2RjojE79tWpngM6H5dLEzI24NTAKu-LCcJ5LUFXQZXbvGIu5WoROvZIRj9X_isn6zCS7FlHQG-8sxmN7n8UY7yacKANN6VccXdyKCB9AQtpkd-BA7Ypk2E6WenUwX3oSYc9X96IxgFbUQ9SFuG5ojsmqI2-C6_FjZNDPDeBj8Dc7mtclvN1jTHkJ191LKT06X8ssr4VdoF3cz4iy4sfx_amp_AROB6-QCMWZtn13xLPMxL3B1BVbeSejt0_2yPEAAsPXTk4w5pSOGR1uuZBAERDsXrGfkodY5kb2RqtphVUsN-C5_nwzYYsV6Bi3yXPCCwaAROzOIVl3dGUroDTFGWDTjgaBzzB51Zz_sAQ9wo49cyEhY2Qmz4kFVKzce4ZWWZ3F6H_oChmUBpVWjLTR0KMXBLPMeMXwstBxkqMRo3kdrtGkV3izwzO2rs9FWB0dA&cid=CAASKORo1ZdXs_-CgFo2R_bb0sZPRHXa9aAQzmxP-9QWQw2TFSstvOX_I8s&rfl=1%2Chttps%253A%252F%252Fwww.publinews.gt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:14:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11766
x-xss-protection
0
server
cafe
etag
14053427913132020778
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 16:14:59 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2295 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRY3MRr-aGwPeLQMBFMkN4IqK9lkERsMvvxAvSxnhihdBz3S5us8FzSgu9ZrXxFfnh-RXlU-1IViwrJy8YWQNwsEtutB5mdxZXKA1WkJkosDHKXxmAefTiNU-DDNfu56OFDiSkuQFKlmfw0y8U_jz3vFuDjg&cry=1&dbm_d=AKAmf-Ch8BiMlSMs4LjxpjwQ9m49vZoQRu4-S-D_Zcn_3Rx88hBIr6J3BuhA0MJcLNtPjBgz23cqFaM1Pk9uH8ukBDwnxWIBkCe-hS9OJA5jwzSfwCLMSXhDnZxIgdAYaMgzbXp0foaVLAMtdIwgezVVp3BX_EQ8SLryW2cmsj_vtNanKJgY4QB-BcoOXXtRo-Ur8df2B-mWhQhPsDbNqoO8xDafhHEMae2JnLr6djZC4NKT5mvYrmyFGiHtApRLM6FZdKfeOX-W6X1O4-o4__ZuH-72vp4kFwmw6jZJP5RCdsf984LrEj2gH49bQmguigr4lFAIpNZoTWj3K36kwGKg6M1_FamQEfC50tDypNwJs8dfj3brnk1Hi6IxGoyx-vUz58artix5vegGgHR82mkMrz0Q4ui2h8F7MR0mObOZ1UTzgMs1HVkO_yBZXWZjnCGcpr8DLvcX01Jvk6dNd9p-BRw7chXVXTLxOwLpZSHrHQG8A8x4M0_ILVOXHg--9ucXtlzsfaLWzb7uBk4H_C3rPpX496tv7ZFGQHiHhy4htlz-Hmdc9iyKn_G4cM4kDhcpUrtCJrGSPt1chAaAX6oYLENX4C1b-t5pQygoaLgQv93q9Ov-WY0K2zZyk4u14Q6HlKDzeQ11TFXfmiGoXysEo4U4I7A5oDx80la2-5ycTvMHqFvq1fRHpWweywZjbZSedKiKZZHyJ7yQE46kjSBcmIaaOWcVWwUXmGpD5yUBKTyUDl8yNtoX_V-dWNY0M-hNbhiJWBc_O-PeD4cN5elorlAqd0yhumRFtXvbWPZh6jvFIwpS5EceMb4SbjMPk1_oSI1e3UtfomdANv6eS0s-7XqER72jIE40vqta71Ie7cksMAQW5OzdRV9d1LezTLYQxPdI3K3YFcisLYESIXra-vWv3399CD676zVK0ZO7QfOnVdXU2R7jJTVcL8tCNnsm1BOCigznjeJJgMRmPmI_FyIk_52pb5GB-qHm-jPw3KdrtscZHONwKqCin4UHbVAVLB2q2NY4zxrGFzdJY0RwXSVSKFDLUbElSfyCVNv8erNasIu100ytm7G9cLSfBYL2E7kbrq_JNtS7xDj2XSwcWnJYuK0VVStpB_5xGk-DdaSakopA7tRqL7gpp3J35vpG2LSbw5lBM7Nr91z34Pi56OJocqZx0DGVrRx0hTfCQIDCUat_12D8RfkRp9Cy8l23gmAeJtaIkPNgwV7qTU8a8cUXtoDJtzEHf8vFyjnGpm5lq6YJScibAfRWxx6Jp71FKjprPfktd8WU4vKngb6i43YG1N3oW3qYQ5rewTASsqE6NOCfu1_zui8sz-4JNHn0v-mx8ZL7OgIH7oIdDQoZtmIXbynq8VMulJI_7at1qfp9d3XJGt_seimN9Vm33D5-gpymwKTltBwr-e9PXs7R1DA_JMWMVP5Zsk1WCdcwoAvpIAosOGkUpu9AgMR8AfKs7JjsKJsKsZgUtqNsAF_smZaNzOkKegyX_wPuKH7Ys-i0THOkdEyzn7Zt_p601XdKkGodZ0Uba53GtZyEEF60OqsBPvWzYzU-L629UQtUmhCIPr7nmqumvyOUFs4gjAHaSrg0qKCsmLr2p9qo-mHySe1kiqAjEa7L7xP8NB8I1scWR_Kl4TQbQpBGyVDdy9pIjRDxjfL0fSSZjicHDlZauyhEGlkPdAIRrBbBtKPUgqsUpkjR-WgtctmiD8MfB9fc6H9PZDmi7BMDJctUel49XVsyRqV5uypC5UJM5TjBB0LPefUsesMS06XlRmoL6eFGXz2ngbbAf9PA61BA8SBLPEANmycxCuxLxBurbUHzNd2XG5on_m49y73dfhfyukcfwB3bnGeXPmFHoGALEQ7dukNoNre1kJmSloFtfrdpL4i-TA2hrMSki0fgiNTFIwrWCWOuDidmd2PIlGAzMKYzIw7puff90DDamVddUijZJnsKFjzpmngWAEZsUchBc52x4dM9-pqW3lEBS-4qMqkwYq0IkvEspsCrGiviluFssbTmYvTRj9wlpkVU9AlrYaOEJ0_kV6a7wfSUN5Y6y-V8pzNtttRsy_JCuenV71kvyDFfmFP49_L07GU11KHb1lvbNwMtMSITODDRLwYu1CvG_Sp_XruKGHyBWzGbBFTlzbK7ox7wHT4O-cdAfgU71rfT3k16DJVkytDgvXpUogQ0SC80C3cpiK_2DKklgd9-ujZmunq7SzCmMH29dK2qv_BI6wT-htk7Ghsefxevs3Ceo3qv8ymVFD4b2SrklPkElqn7jpXQiHFyEciAVAmv4O4PR2_f64jkp8f3InIaz_RWyO3w_OEDL9ZqT8SncWlm2eXt4pjVf-7TzF0jhl8EgbP1n2tbB5At3ldbKkFnzCe9iSHtECGbS0NiP8x6r-6et8mlaZsMXuP03NEkspuo1z2qFmsqWgRd19LLb63rKzfaPUbn8rGDhhvtuxmAnYU7ByVOEDmqOuPtpUJULNBB6YwWVaDE8nx2oZsSMSpG6CpLM_YFt0u2QfI68CqJIkNI48AY22v5LubRHYf8X7Sb0lrIvdvjc4R_mwSav25LXQC3gzQx18vjrv-6vTB7-qLvWdcT1nhSZXIrd7B5VvWkGpfr_gNz-VulnWT4az_yd49WRRpQLY5AR70bL-9riwPnsohgjYyrz7nsaX9wFEtfIo39TX5i9D9-LBviDB5sT_8P_Ul_9yT4YucGl601Svbqgj-fZZjL-5_rayP5MbKZeH6bJNZCuIE4NpT82yJeHil0RsWvgxoI-w2AwC0-yQa62PdrABcPoOpPVSyAnUHN7HpXWP76HUpL3T0p8P1CQ0QrxFyrwkCf7P9ChBJa5csHycdZwp3e-CqdAG5jQMIiSf42XG2F3lDc0VWANKsfZob91PWAD1jZkCDZUyCpvZAbLBUuPvMKyAoSibizppXBn4HNdmtTTs4qEVViQBPbmudCSycZkBXxY-9T0TTiFhRtMkoonX0wqeU-Fsm3MibbSG727GP8vby1qDIUvKkhvDKwCtRZgZ3BALv1EdpuM3uW78qufzEFTe2RjojE79tWpngM6H5dLEzI24NTAKu-LCcJ5LUFXQZXbvGIu5WoROvZIRj9X_isn6zCS7FlHQG-8sxmN7n8UY7yacKANN6VccXdyKCB9AQtpkd-BA7Ypk2E6WenUwX3oSYc9X96IxgFbUQ9SFuG5ojsmqI2-C6_FjZNDPDeBj8Dc7mtclvN1jTHkJ191LKT06X8ssr4VdoF3cz4iy4sfx_amp_AROB6-QCMWZtn13xLPMxL3B1BVbeSejt0_2yPEAAsPXTk4w5pSOGR1uuZBAERDsXrGfkodY5kb2RqtphVUsN-C5_nwzYYsV6Bi3yXPCCwaAROzOIVl3dGUroDTFGWDTjgaBzzB51Zz_sAQ9wo49cyEhY2Qmz4kFVKzce4ZWWZ3F6H_oChmUBpVWjLTR0KMXBLPMeMXwstBxkqMRo3kdrtGkV3izwzO2rs9FWB0dA&cid=CAASKORo1ZdXs_-CgFo2R_bb0sZPRHXa9aAQzmxP-9QWQw2TFSstvOX_I8s&rfl=1%2Chttps%253A%252F%252Fwww.publinews.gt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 04:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 04:57:30 GMT
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=b63218f5-bb76-4681-ab8b-7940848a838b&pageId=82680&pid=89486&debug_metadata=n6D6KAVqAg&fv=1067&ts=1661962583190&f=1&referer=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.185.49 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-185-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=b63218f5-bb76-4681-ab8b-7940848a838b&pageId=82680&pid=89486&slot=native&fv=1067&ts=1661962583198&f=1&referer=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.185.49 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-185-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=4fd2c9b5-6003-48e2-93d7-ee031787a6e9&pageId=82680&pid=167404&debug_metadata=DgS1FDAABU&fv=1067&ts=1661962583202&f=1&referer=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.185.49 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-185-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=4fd2c9b5-6003-48e2-93d7-ee031787a6e9&pageId=82680&pid=167404&slot=multislot&fv=1067&ts=1661962583206&f=1&referer=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.185.49 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-185-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
ad
a.teads.tv/page/82680/ 		538 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/82680/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&page=%7B%22id%22%3A82680%2C%22placements%22%3A%5B%7B%22id%22%3A89486%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A1360%2C%22height%22%3A765%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3A%5B%5D%7D%7D&auctid=b63218f5-bb76-4681-ab8b-7940848a838b&formatVersion=1067&env=js-web&netBw=10&ttfb=2236
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
838006bceef23a0a411bcfc0dfc67711049b50eb0a0af16d7314dc24e3d020f6

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.publinews.gt
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
364
expires
Wed, 31 Aug 2022 16:16:23 GMT
ad
a.teads.tv/page/82680/ 		538 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/82680/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&page=%7B%22id%22%3A82680%2C%22placements%22%3A%5B%7B%22id%22%3A167404%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A323%2C%22height%22%3A182%7D%2C%22slotType%22%3A%22multislot%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3A%5B%5D%7D%7D&auctid=4fd2c9b5-6003-48e2-93d7-ee031787a6e9&formatVersion=1067&env=js-web&netBw=10&ttfb=2236
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4d139db3062991f7f5be76554bc0a39b88c55229871b7d7c9b5a07358082f33d

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.publinews.gt
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
364
expires
Wed, 31 Aug 2022 16:16:23 GMT
rum
dsum-sec.casalemedia.com/ Frame D7D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBlwHZeid5Gxjcc26PRS-yU&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBlwHZeid5Gxjcc26PRS-yU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXRzBwmJfkTmy14Wy4dUm7-GVYubjbz9iVWeyITr1HW1s9o6a3kcFu5Ag73t2dQ7n8wwVaoKivh0X3Ls-ij1k0sYUcD6fit70MtgtTb0VK1gg9tZN-Dhm8FUt6NjEUvyK5GrxDT3nuWDto-kHoREV1D6LyxrzXX1zXUJxMa6EdixmJzWEY
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
743712026bef6945-FRA
pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOm57329t1LLZL0Wd5E%2BveR71tZPsa8nG12qGrJ11i%2Bz9y4YDToCBGiAsQmU1uGSQBJkvM9NAPAGNu1sKLq4RU2sRiKEFMVHZ7B9nYkb1eqQeps9FnceW1Bi3SWk%2FkZFSvXw%2FP4IHRsTQw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBlwHZeid5Gxjcc26PRS-yU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D7D2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yw.JV2VdAdTCKpuRnEKM-AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4lR5yZuGZjQULyilTr5rg&google_cver=1&google_hm=2
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4lR5yZuGZjQULyilTr5rg&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXRzBwmJfkTmy14Wy4dUm7-GVYubjbz9iVWeyITr1HW1s9o6a3kcFu5Ag73t2dQ7n8wwVaoKivh0X3Ls-ij1k0sYUcD6fit70MtgtTb0VK1gg9tZN-Dhm8FUt6NjEUvyK5GrxDT3nuWDto-kHoREV1D6LyxrzXX1zXUJxMa6EdixmJzWEY
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
743712032d286945-FRA
pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKOaoIY1ozNSGghrQr%2BIwa2VrgjG2Vv%2Bb4vldEEz62zb9l%2BWizi5VqB4vWJ%2Fdiw4UIn7%2BSq2xXx5NYn0tztBPhSrmTcEN7eT3jEORWK4TgHz%2FPWvoB%2Fu4A3Ireq0YBt5Y%2B7e6OdBVomvLw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4lR5yZuGZjQULyilTr5rg&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D7D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEF3CPL3hy5q9qvBOlMqIiR4&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEF3CPL3hy5q9qvBOlMqIiR4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXRzBwmJfkTmy14Wy4dUm7-GVYubjbz9iVWeyITr1HW1s9o6a3kcFu5Ag73t2dQ7n8wwVaoKivh0X3Ls-ij1k0sYUcD6fit70MtgtTb0VK1gg9tZN-Dhm8FUt6NjEUvyK5GrxDT3nuWDto-kHoREV1D6LyxrzXX1zXUJxMa6EdixmJzWEY
Protocol
HTTP/1.1
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:23 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
d9e16ca3-6997-45ff-b01b-1e1bd952d7b6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEF3CPL3hy5q9qvBOlMqIiR4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D7D2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Mzc5NTgyMTk5OTA1NzM0OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Mzc5NTgyMTk5OTA1NzM0OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXRzBwmJfkTmy14Wy4dUm7-GVYubjbz9iVWeyITr1HW1s9o6a3kcFu5Ag73t2dQ7n8wwVaoKivh0X3Ls-ij1k0sYUcD6fit70MtgtTb0VK1gg9tZN-Dhm8FUt6NjEUvyK5GrxDT3nuWDto-kHoREV1D6LyxrzXX1zXUJxMa6EdixmJzWEY
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:23 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
744075ed-299f-4d3a-a2fa-a2aa72fd9919
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Mzc5NTgyMTk5OTA1NzM0OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
player.js
player.aniview.com/script/6.1/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: tg1.aniview.com
URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=62a37b4eabc9f014c02c6f24&AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ca54edd0ecccc0631469de08f41f95ffc860a900aadb27b909da20ed6a89dca8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvigikvgURSN7H_mlK-kyhN7kvr68s8rntkewoTRmQtDmGwJuzAW4sg5P6uyxiBiv4ujjtEKKzIAlcJhhOXeorjFT60lAEX
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9907
last-modified
Tue, 30 Aug 2022 07:41:05 GMT
server
UploadServer
etag
"161bfe1228cd12a62fa6cb550058be44"
vary
Accept-Encoding
x-goog-hash
crc32c=d1CDfQ==, md5=Fhv+EijNEqYvpstVAFi+RA==
x-goog-generation
1661845265644477
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9907
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 31 Aug 2022 16:21:23 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5d31fb2628a06116ff22aef3&cid=5f4452d76e685a1c474b9879&cb=1661962583262&r=www.publinews.gt&stagid=62a37b4eabc9f014c02c6f24&stplid=62a21cd2219bc9403f4ec8d5&d35=&d65=&e=playerLoaded
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 0681 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CL-ZTVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoEkQJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZyAB0wNlZxRyO0QLJduSTWekWtS_LSBKiJo0cYS4OHpjiBCLEv_rgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDkyMjk1NDM5NDU4NDY2NRicrBw&sigh=og84HtdE7mk&uach_m=[UACH]&cid=CAQSOwCsnQUxwMTxN0xsX9V8Jf8IpM5yNDQPQdXJsrnNMfOuE7AzUUwh6rMNpu_weW91iNCfZG-MYC1zKxoOGAE
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 0681 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1h2ham6qpxhdnj19yfpewgvd2tfnw8ydn7arh7j6skgw8wtc0wq1mf0qdc24ac28g3d7t53dzxe531w1db0vb0zd7vzxm9mzyf51gcvvre0rrzxwxq6amt061ybebbm1gr22c0nkqz8k04enmny3718ag7x311xnwdbg7yr55p8g9gjmr32rg1w4xfc5a9940wb8xwgaws6yacn7bxapejzt3yzne94z420zpmh5jn1k5fy9pz802w2sb4jq79rt32p7k4841ftzbx93w9n20djhpqrt7r5xzhbsheb36feht2e3y09h2yqv34cnqggn20t733xrnt1b9ggwvh9chy3bz966ypk5rkj4zhgn327v5ejfhxy6c8q2wzf1zah0gejvbb438g29jgk5rx3qher&b=Yw-JVgAJNoAK4HbEAAhBhDiy3x6drxOfeaOfmA
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 31 Aug 2022 16:16:23 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame B784 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gvyhcpkj2rxmc89tf0dqka9sk70jpp0n2skms53tqpya2zb3gz9jkb620bevjgp8b9pqzrd2mv1fkamg3kyxjskb3a0ex8p53xz5ejnwpe9bhmcen8b4vsfnxc8maj7e54ap06ff9f4vgj728vs6anpz2g3x8qcsrp685dp7r6e18zqfezxe1r43av39d9hszedxkzbbb7krppx9t7tms4kek7wbkrgee5sc0ybs8m0t4bfjjwxmdkj0k76px8v4q1t2set1s4jkjpz719yyvfsgmwy83q9agkx41702ptjstt195mbefh6311z9aw900qhchghn61m42neqd9v5bdya72w2r3e3p4th3zj53x7gxjzw9m5vbes4armv70fy49cawwyeaqt1nmsybwv67pjjxd6m5ar6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%26client%3Dca-pub-4922954394584665%26adurl%3D
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee7f5c5ef246e8d86079434afa9a340702b2bbbcd93434a57727930674a4464e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74371201bd678fe8-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 16:16:23 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 0681 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 16:09:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 02EA 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
38657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 05:32:06 GMT
etag
48472445140208031
expires
Thu, 01 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 0681 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
808
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 16:02:55 GMT
l
www.google.com/ads/measurement/ Frame 0681 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaShMv2r-y0cgUwAqSWtiI0OCoW9Y4DDY2ln02cAGAc6IPIMIbDtbKsCpUWX7VbDw4k56HmO-20CHmlEDN09kUkqpppwdA
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0681 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 20:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 29 Aug 2023 20:25:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0681 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44757
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661773661488070"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 16:16:23 GMT
4as54di69f4s
hal9000.redintelligence.net/zone/ Frame 2295 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/4as54di69f4s?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUonQVokPY77iEo2ygAe1qaTYDt2t6Khgu4_f1IgK8C4QASDm3vh9YJXikIKgB8gBCakCojANkwrIsD6oAwGqBJgCT9CjDcVg09uQqBv4xvk__UTVPHL5pvCx8Jh_RBUpdav5qv3geswrlq1zXNj221bVb8Nnu-UZ8r-o57v7OZvWVBGH-mSNhpssd5TPA7RduPefg9RkxgTcUomqHUH-vnAy_UVDTpndYsvEBuG7PE1_JBkxjwpNOyQQrMSj-oetxCJdxCF6kojhKzY3D1Cts2B6QO4nxde1wR0e7BqHiINoeV1tpaYFnW4Iw3IhOeDCQ33AFgoRWs48vmx7eHxIcE9JvDHjMnh47_onFnv3Z-920QWh1pLGJ4tHLuPPk9lkg_cFOTDgT-tQwFaUsTjf10bxulFE86nnqmDlFzkGIdR4J7gr81yJZwmuUNzMdolSYwjR-d359R0_ecAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORo1ZdXs_-CgFo2R_bb0sZPRHXa9aAQzmxP-9QWQw2TFSstvOX_I8s%26sig%3DAOD64_3w8Fteqf3Xc3Y9hxTlIq2J8z7Ang%26client%3Dca-pub-4922954394584665%26dbm_c%3DAKAmf-BNLtYooUwo1UjHCmPwdjQiWfUzsiVGRrL2Q8tMA82WdIZnSWN_c4z2BnZM21CahHU1tNt_dEsfanf9pSEgbtQGgpdb_iFuxQdnC0ehlYvTHuTEXSW8c_dlPVXdQgN3CREPNtwjM8iYC4a2PhJD0bRqdXg8sw%26cry%3D1%26dbm_d%3DAKAmf-BId5PRRG_ZdeUGgYE-LgxEKYI9bnnmTI2xGTw2b_ixDx3smJUx6uA4CEXlu5B2gu5OsYEfy-eO-w5LdR0aMGOowE9uK9PYUsI_iafZUMVE-S4BT4fxutHhxvwNKK65pa0UYdm_GRH6nGjBKyLZf3_AEmAGrhNE2SKTRFprnDEfct692AGAb28dewSba-qb4glRw-g0eXfq75n0UvN33OBhMXqXTE_Bqdn5ol8bsOfo0usFefMx___NX-iLDiuVUCDMHP9Vw_9ZUnaTEMFBA0pLUU3OKnjXldsE17TTZEQq1bsN5BwQhKZcg-bfSEsyP8eShcan2NJ3Tj62tDiZx1fLWba9lqx2lZHL_x_GQ1Le6dpdIXIxK4Mid4Ntr1WVrKO9bg_VoDUosVevn7biBrVwrq_xQqveYiP6Yfe0GKqQ95lezd7kpPilMOP2fTruLonCCtY4cvNtQUQ8Mirf23omHc2WDt_l_VQiLrhLllufDB-nEidd2A1Bnmq2BKu5jeLjvw4SQNFk1W2bPffkjpIZwc9Oew%26adurl%3D
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
01080600e932086b021706812342857f07e502b4d7b4caca064ab658f7ac3dec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4052
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6EFE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
40731
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 04:57:32 GMT
expires
Thu, 31 Aug 2023 04:57:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 85EA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 16:16:22 GMT
expires
Thu, 31 Aug 2023 16:16:22 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
horizon_timeline.08c300ab95020b1109a05214ccb84dea.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_timeline.08c300ab95020b1109a05214ccb84dea.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
e3a13155ff6fa3d1e25fccc2a0bbce4302b01c21c8b08c5922d70c62ec1b4bac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Content-Encoding
gzip
Age
65994
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
2432
x-tw-cdn
VZ
Last-Modified
Mon, 15 Aug 2022 23:01:06 GMT
Server
ECS (frb/6776)
Etag
"d926fdf34ca16c29b65afc4b5fab0702+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embeds
syndication.twitter.com/i/jot/ 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1661962583321%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2231f0cdc1eaa0f%3A1660602114609%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=147a02f0d19ff09125b09e9c7a4d047b596aa85a
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-response-time
116
date
Wed, 31 Aug 2022 16:16:23 GMT
last-modified
Wed, 31 Aug 2022 16:16:23 GMT
server
tsa_o
vary
Origin
content-type
image/gif
cache-control
must-revalidate, max-age=600
x-connection-hash
2f259f94a17e2ea9dbe19c47c0803ce3c3dbd00f780d177cf6f50e55a674a06c
strict-transport-security
max-age=631138519
content-length
43
0e36d09df9ff74ac9a9a8e304d461f4b.js
www.gstatic.com/mysidia/ Frame ADB5 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0e36d09df9ff74ac9a9a8e304d461f4b.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a5dc38cec076d349128944270877cc436cf084bb9ea8130ad55a644c40b35f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 01:33:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
571384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4500
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 01:10:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 01:33:19 GMT
e2875713480840d8712332133311d4ea.js
www.gstatic.com/mysidia/ Frame ADB5 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d124788e480924e0a0917ef210d06075bd5166a9f9cc75f2937a98a4a497199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 03:43:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
563553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7767
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 19:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 03:43:50 GMT
css
fonts.googleapis.com/ Frame ADB5 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 15:59:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 31 Aug 2022 16:16:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Aug 2022 16:16:23 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame ADB5 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 16:08:48 GMT
a44a0b8f447061e92ca19622c4392a02.js
www.gstatic.com/mysidia/ Frame ADB5 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 16:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2233
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 01:10:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 16:55:27 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame ADB5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f63e08b18115b72e6d2cbe9db5f7527d2731545d38beae54317e10cfe0f58fc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
626
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9615
x-xss-protection
0
server
cafe
etag
5965352936607719246
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 16:05:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame ADB5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 16:09:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame ADB5 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
808
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 16:02:55 GMT
l
www.google.com/ads/measurement/ Frame ADB5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSiqfr7IXKbdB_Wxz2sovX7qH2XZLAin9gNNuxfOCEbHKIQ-2C2mgX4HSgaqdPWjbEPU2SgCIGRfF2KfIMBqdide-Fm6g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ADB5 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44757
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661773661488070"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 16:16:23 GMT
e3ca5db921b3b46420ba257a4c2f6b26.js
www.gstatic.com/mysidia/ Frame ADB5 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 22:40:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
581775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13683
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 19:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 22:40:08 GMT
truncated
/ Frame 0681 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23899aaaf96687089eabeea305cd1f8a80b49823e7846dd26dab0f1711a66b4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
/
google2waycm.netmng.com/cm/ Frame 02EA 		0
0
pixel
cm.g.doubleclick.net/ Frame 02EA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKCYmF7dpLDkfyNhpNCq6GQ&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKCYmF7dpLDkfyNhpNCq6GQ&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QldQMjl0QzgxT3Rxbzc1&google_gid=CAESEKCYmF7dpLDkfyNhpNCq6GQ&google_cver=1&google_push=AehlK4D7ZlaNjzEpyoA3z7cg_RK8JrLRG0ExMyOrjLSDA35...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QldQMjl0QzgxT3Rxbzc1&google_gid=CAESEKCYmF7dpLDkfyNhpNCq6GQ&google_cver=1&google_push=AehlK4D7ZlaNjzEpyoA3z7cg_RK8JrLRG0ExMyOrjLSDA35wiebIJB3tnlCIncLjGAdGxYUJWacSh-_Zh5o41NHB2vdkctr3e6Wz
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:22 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0b4faee82b62afb2e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QldQMjl0QzgxT3Rxbzc1&google_gid=CAESEKCYmF7dpLDkfyNhpNCq6GQ&google_cver=1&google_push=AehlK4D7ZlaNjzEpyoA3z7cg_RK8JrLRG0ExMyOrjLSDA35wiebIJB3tnlCIncLjGAdGxYUJWacSh-_Zh5o41NHB2vdkctr3e6Wz
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 02EA
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEFXyDjgN9USbnevsIoq2PWo&google_cver=1&google_push=AehlK4A5CUSnCOT-Eg3Zf8imHoeDhfkfvASPvEHVN_R37bFF422wRe3VSEmOY2ftyPeGl4I5cxG...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEFXyDjgN9USbnevsIoq2PWo&google_cver=1&google_push=AehlK4A5CUSnCOT-Eg3Zf8imHoeDhfkfvASPvEHVN_R37bFF422wRe3VSEmOY2ftyPeGl4I5cxG...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=CLkWK5PsTXqknZk9LTBYEw&gdpr=1&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=CLkWK5PsTXqknZk9LTBYEw&gdpr=1&gdpr_consent=
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=CLkWK5PsTXqknZk9LTBYEw&gdpr=1&gdpr_consent=
pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
pixel
cm.g.doubleclick.net/ Frame 02EA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBcSkvxAYmyc320V5-3Cweg&google_cver=1&google_push=AehlK4BeredGkMKic0SPPzdWOysaEheP8eeXBhNiUXCY_Eu7Q1WSYRnmARg0MB34cMR-mihBLFwnJPIY...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBcSkvxAYmyc320V5-3Cweg&google_cver=1&google_push=AehlK4BeredGkMKic0SPPzdWOysaEheP8eeXBhNiUXCY_Eu7Q1WSYRnmARg0MB34cMR-mihBLFw...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY0NTAxODIyMjg4MjU3OTU5Mg&google_push=AehlK4BeredGkMKic0SPPzdWOysaEheP8eeXBhNiUXCY_Eu7Q1WSYRnmARg0MB34cMR-mihBLFwnJP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY0NTAxODIyMjg4MjU3OTU5Mg&google_push=AehlK4BeredGkMKic0SPPzdWOysaEheP8eeXBhNiUXCY_Eu7Q1WSYRnmARg0MB34cMR-mihBLFwnJPIYx5IsHFReApCZ9Xyxq1M
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY0NTAxODIyMjg4MjU3OTU5Mg&google_push=AehlK4BeredGkMKic0SPPzdWOysaEheP8eeXBhNiUXCY_Eu7Q1WSYRnmARg0MB34cMR-mihBLFwnJPIYx5IsHFReApCZ9Xyxq1M
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 02EA 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEO61rkfks_D4-yqvAl72u5k&google_cver=1&google_push=AehlK4BvMFjb6K0osTX9w_n1jaC_RTrMKIixs-u5TZ9mNbOFhFmzIkpt_xzCUEAGJZoeO56w9W2FmVAqrPEczssI1Of4fcAFAzUc
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
52uhhcre2338it40peofgu3f7bjl3j4d
pixel
cm.g.doubleclick.net/ Frame 02EA
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDVoYlOxbN9BZq3uC9giKdM&google_cver=1&google_push=AehlK4CrZMj4kduqtcAumrCE_jyH6fz0pglGVmrxM4MbCqqruALf8HjdtKNQH1IExzIKFJIpYPCUoCuVvFjPgcjSX...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDVoYlOxbN9BZq3uC9giKdM&google_cver=1&google_push=AehlK4CrZMj4kduqtcAumrCE_jyH6fz0pglGVmrxM4MbCqqruALf8HjdtKNQH1IExzIKFJIpYPCUoCuVvFjPgcjSX...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4CrZMj4kduqtcAumrCE_jyH6fz0pglGVmrxM4MbCqqruALf8HjdtKNQH1IExzIKFJIpYPCUoCuVvFjPgcjSXLiPZh0hWuZV&google_hm=FPRwuGZHrS58B9CrSf-mfroY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4CrZMj4kduqtcAumrCE_jyH6fz0pglGVmrxM4MbCqqruALf8HjdtKNQH1IExzIKFJIpYPCUoCuVvFjPgcjSXLiPZh0hWuZV&google_hm=FPRwuGZHrS58B9CrSf-mfroY
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 31 Aug 2022 16:16:23 GMT
pod
X-Sovrn-Pod: ad_ap6ams1
location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4CrZMj4kduqtcAumrCE_jyH6fz0pglGVmrxM4MbCqqruALf8HjdtKNQH1IExzIKFJIpYPCUoCuVvFjPgcjSXLiPZh0hWuZV&google_hm=FPRwuGZHrS58B9CrSf-mfroY
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
access-control-allow-credentials
true
connection
close
access-control-allow-headers
X-Requested-With, Content-Type
sync
ssbsync.smartadserver.com/api/ Frame 02EA 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEP0Zc-lT_WOgybwpJ5SpFZY&google_cver=1&google_push=AehlK4B1Gu7vM_-LxUoRf8zYtJJEuGkk3neUuYJ3aAdUxo9MvBbttindnkda-R_oUg21SfL9wa0SfW5Q__E3iWNyIACyZdvB51I
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 02EA 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KPdF2grE1oFrV_d1h4JUhzxaWwMkKEtcqcfeGUPfs3VDHEARoLXcZEW9rc7_qTaG27Feb-
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4161 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYtY7FwwEwAQ&v=APEucNVIvcP4MraefIYEf0igkgpdw1E_eWWIzQsPb9JL0fONSM8d2NZsYmKlNWj7FXLE8_rtYgpuI2Yg3cDeba7dgbxSGim-irSoMHCu-SNLZM0EF6ENKFTIccDzVNLT6C8XsacNxHpA7oi8EwtIvyVXBdoht_d7ebz7C-sYuucIPtsaYs0FDGE
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 16:16:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 85EA 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cc23gTHtn92VKCeOQnEDYK7lcsIkfshRH1RyHzmlG8hskWUJff7hvqcRNnxGfHwBvaI7CV-7GMb5vOeKSAE_l_sSIYvDRe8VTk-_75M7yLbGcrYPz06tQKSF5DN10JJJ0k-MBDb3yn4tjCnmYLv6jK0fkH6g&dbm_d=AKAmf-DNuYs0i0G0CLc8ghzhria7mlEksFKhluN-FCUir7ltaU9zXusU8YaPHTtwLVoBxjBJeSsckGZTcu3Ij9YhfCVxEgbngX4rBpfLl8jtaVHkjXGiK_vdk5Ml-kgY_7be4deyZAvIUFVyC4P9jaWj219InWeeVs2A04jJJunmEHD_FbTGfrqOJOVjAytq-HxW-LfeFvDpSXkW1Ypdl25-xHIyVaoGVRVn37DNisKCz-PWFxEePavcOj2Q4-MgbltFcRDwe6L95Lq_-C19kbanNLfi4hO2GaaCt4dDhWj_gmRbJRxYHmbCDpvmZ62ABeKWgt42rILVbucCYvt2nPkzRhHzHgTbLSl49bn45ouzLO6qpD2vKELUP2hldoeHvdXxRRpt8XL9jD2jco5dtKh3MEXsb1gSQ3zDWX_ebUohF5WVf55OnZ0RV7JVZpzmJKgjU2DcwPStsLJpPpvI5kuDVGwjub_FxJUm0AMOiUi6AQz91hZY1-ZOkoTq_2V7W1dfSVdgKTntJ-FlIKJ-4q6gNx_w-jbjs8hv4CAkTF9sLyfv4C2uZRwgthvfWLjCMUaRHmdIHYj-FPWcFLZwqGHa_kgNzQlyTSPX1-KgnlmIReSuyfOO_6nZhkofRaC0AzOS3MoLJI-R3TeikPp05Z00m4lbcAjvdjxVOHp_Y0FyfYMKtnXmv4dSX5Aiw9rYa9S09nzjT3LlYcdeWG7U3VK6B9P9TKwGlJMM4TuGKA2Jit3_ftcCl2nWTvlI30rXcC16U9V8otkF5-yEQM3DaKTuKg7o5JekJ9kzlB1Txw15zXx3JPNyrhsmhXMYNQniOBqJxKJpaX4bhYvQNgdPG7QfQSHgtI44GdNRqLrZb8WUknJVaI7dzEaVsoMnV1f2LsaBaF4BRFreAqTG9JU8agZ1vLXANNxC-YcjHlUq5-GJEWTH47b32aK3b3Ofu235842mrl0xoeouvyuCpp677mrSObsOVuT5vtpijjUi9OBAiUBN4j2t6JgfJYMlhKmCOjFzIE6ly0mpvoMBpF_GJpYh8hoimEhJ3Y7MS1Bi6up4h9aIR8Kbbptu-Du63g46J_t1vtPe2EljLFc5CZuaf3P91MCY27LwqgrDyfFpIXAqzrkYL196zWUCdQ_Htp5XV2SqZlUTFyEstbq0DGYrkn6i8iW-EPZXVmu-cAmRspjsH-AW9MgOPPhqcNB17TZ6ERaigsJck25u8YHVXYc5PbtqZDxAbK4xXm4eHBL1rxOHi1meuZt3liOvEgghkFw4H2F_O4Ch2ZGjgEhO66CXeI2HcKWgGwkEPLj2B35-VPqq6Y9s9vGpCpd_qyjGbF1ZPgtl8zZUamTQN2SGWgAzEdJx5Fc2m-MyEi_xjl-6iO70VCXXAw_xSzqsAoJC2ZPzOlDId9vac1tlmoXTHt20Oc10_gsiRIry_MzeVx1tWGIUVEploCyb6rJFBpV3sQYtWBzuraUAa4XbE67dJ-BzImx0T0czHodfU0ucac36rBYQ9nFQAAGcdMgQ2FO7f9_Y5b21NlZJCzW785ZDalsOsXXQSJ7lCZnjvNGxo8UdLejBZN2aj7yJ1EKV8C4sArO4m-57v0Zn5iihucYmqg3DjC9HNbWDOXaFmeSJVoZ_8C3EHxwOyX4EJOhUHTks7uSihaDemNAeXwRrFsv644fhEvG22bfiPKzVZrr5nmhZed222C8pATzNPnZkTHFL9omS9N2-iomIke0G1kEGBJgK6dkJnuyKdIOOsXGqOgxRrEfcxOlfvsaWhBelXNzrjoEVhHubz10tyJiid6BBZfN-vdYm7eCUDpge_tVTWewy-61mTX4lHyW6K0onq_jSHssVA7Aa1oZvDyEFbwIs4hEFkPgewjG41ibMgWr6_t7pE5WksFksXPoJJpFABKJqFCBAlBPCYb-oPw41niWPjK1-EFq-s-3yhU4ZJwwHlupHHsbbkJ3ag4cbxSXM4d60xSg0rYKZc2GNU9V712WF5ttNdw3gcSgeGyRx3reDZl8vxIIJ1oR2pYWZ2e06KvUtMgG-8jxM2yUarwHEAX73p17YgECtlWca1ORiAeTsniYWMP-80-8E7fxqHQwv2PRyW7isri6rkuGPr004-YkAsL2W7EOwmNH4XmDMc4XWEU4DLHg-3NVC1flb0PdUiAGANdHDLOmcw01FNRzi272skhq2gGQvdjhV9-a49gc15VYyQ5mQXiFxBREkwiih41S2kgRjC3uSwVzUwKEytgcKhRThgH2h9vmHfX5c-k059VxhTAqmhtfit84dNTmed6QB9SzQOVZDi5kS3VmE200-x8A6LKc5zEqL6IlnlRh6aNlIGcxYw4CEUzJCJdwS5uR9w_-hODR6fhMcAq3JclWejkUfJcW8FZs9UXz4iuYGmw5Mhg5rhw3NaV9vhoxm6DPdjCqLskqNYSaXL1gEF74CXB0-G_j0n44sD4Ha_6l_zSTsJlIthxHZcfXB6gFp8bsiuwanIGMXLABzpdYqlbqyVsZxelSg9pPPINICDNulnuxCtI7Gspcr5G7U-Usg--4G17V4lXXSO7S6HW_9um6hFMDpRE_k9GNF0zyT5jDAmLckDLWVwcTQUQGceowaKXH4LYLOHCLT-BevUxYQWEp4C3a0YJG8TfeEAYvS4CIIyPFBUhM2MZTCjjX_pIqQg6W7RREQSt_r1C5KM4s35WyiIuKMyErp0anjmckeSdeBpPpruDz4_nSQv5X2MZlsqej1AM7MmXPuiw7OpW4hJfkH3LMScd8RUPsl3rzEx823mF9GhyNTgTFwZYB-gTtDQ-KR-44pr0H0yQdPKVfnZS039J8Ju1ApuY9dY-35RZn0hMe-EAeQR7yLFJn7E0v9ixDOlTuC7Jc0WuIcV7cysTy8swbgXxUV554h25ladacflgm87PCKKX8VRoM92sla9Z6HdvVxc9StSG59LO8TnkhRA5nYpfr1qPGcuTyc6bEcD4byhbKv1rKITUI1IikQDdAAFfxVgUZknX3b2QTnWLu61civez-5hFIPt4vQUqBPKr_ZFFyz8Nomg1Vjj_VXGY391qphduO5_ABxD3CxwUkBa686UZFt7N3r1s5LYHz2AdwX4SK7bhlhv3qKGDdVYXKc5tQFzkm5l_bnXjme8FE84oA_JoQAP403YLO_XLtOzLChVcuxQrc9ChLCo1lmviTKobkubNYkFfUt8NYH6vGg66yKymUgKX2BXlA1M6uLhzc3tXufuT9zsSg0CI0ZEtYH7BwUQXdqldd0NPJdZLPOLsC-DRM2gEfqFWFf3w&cid=CAASJORowU4SY5iXnHV-_fiXB2-aUM8C1NPzPwRPhqOw7uHPrKRN7A&rfl=1%2Chttps%253A%252F%252Fwww.publinews.gt%252F%240
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ecdda397f6989f0bdb5044f7dbef53faad9019516e6e5c0d269a939e702da1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34484
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 85EA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BtGAHmRE8DEw5RhhUmids0KuGENNyJ9ljHqMCUxhrGksSUP701Fj-_mwAl13C6CY3K6wXgcQmdSxv0XSh7X-8zt8DmA6qZfODISrvoiSSi9qu3xLU
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 85EA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 16:09:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 85EA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
808
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 16:02:55 GMT
l
www.google.com/ads/measurement/ Frame 85EA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFyGvj83mGwqNxQkaqL6UJYjqYxMtq3MalivVEnROxuU0Uwyy8Fd5cXr-e1DHvMpocjtFPlU2QMrhIO6eqy-mlveipfw
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 85EA 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44757
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661773661488070"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 16:16:23 GMT
default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame B784 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gvyhcpkj2rxmc89tf0dqka9sk70jpp0n2skms53tqpya2zb3gz9jkb620bevjgp8b9pqzrd2mv1fkamg3kyxjskb3a0ex8p53xz5ejnwpe9bhmcen8b4vsfnxc8maj7e54ap06ff9f4vgj728vs6anpz2g3x8qcsrp685dp7r6e18zqfezxe1r43av39d9hszedxkzbbb7krppx9t7tms4kek7wbkrgee5sc0ybs8m0t4bfjjwxmdkj0k76px8v4q1t2set1s4jkjpz719yyvfsgmwy83q9agkx41702ptjstt195mbefh6311z9aw900qhchghn61m42neqd9v5bdya72w2r3e3p4th3zj53x7gxjzw9m5vbes4armv70fy49cawwyeaqt1nmsybwv67pjjxd6m5ar6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%26client%3Dca-pub-4922954394584665%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gvyhcpkj2rxmc89tf0dqka9sk70jpp0n2skms53tqpya2zb3gz9jkb620bevjgp8b9pqzrd2mv1fkamg3kyxjskb3a0ex8p53xz5ejnwpe9bhmcen8b4vsfnxc8maj7e54ap06ff9f4vgj728vs6anpz2g3x8qcsrp685dp7r6e18zqfezxe1r43av39d9hszedxkzbbb7krppx9t7tms4kek7wbkrgee5sc0ybs8m0t4bfjjwxmdkj0k76px8v4q1t2set1s4jkjpz719yyvfsgmwy83q9agkx41702ptjstt195mbefh6311z9aw900qhchghn61m42neqd9v5bdya72w2r3e3p4th3zj53x7gxjzw9m5vbes4armv70fy49cawwyeaqt1nmsybwv67pjjxd6m5ar6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%26client%3Dca-pub-4922954394584665%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
176862
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86775
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 29 Aug 2022 15:08:41 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
743712027b2cbbb0-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame B784 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gvyhcpkj2rxmc89tf0dqka9sk70jpp0n2skms53tqpya2zb3gz9jkb620bevjgp8b9pqzrd2mv1fkamg3kyxjskb3a0ex8p53xz5ejnwpe9bhmcen8b4vsfnxc8maj7e54ap06ff9f4vgj728vs6anpz2g3x8qcsrp685dp7r6e18zqfezxe1r43av39d9hszedxkzbbb7krppx9t7tms4kek7wbkrgee5sc0ybs8m0t4bfjjwxmdkj0k76px8v4q1t2set1s4jkjpz719yyvfsgmwy83q9agkx41702ptjstt195mbefh6311z9aw900qhchghn61m42neqd9v5bdya72w2r3e3p4th3zj53x7gxjzw9m5vbes4armv70fy49cawwyeaqt1nmsybwv67pjjxd6m5ar6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%26client%3Dca-pub-4922954394584665%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
106565
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:39:36 GMT
server
cloudflare
etag
W/"1a2552545a3303319c45b19addfd8947"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oExrFwjPhTmFnFCeql572yHdObSkVej4ovx86z2Xvbqe48HABCB1IBfaoQoBb0SNOwBvrPwfISTs2XYUw%2BBmhe08u0QdLOAYbiMqHoDZZpTFz10ElIix62oZ9gqa0TgBRO3vMak%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
expires
Wed, 24 Aug 2022 14:07:37 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
743712026e938fe8-FRA
cf-bgj
minify
request.php
hal90002.redintelligence.net/ Frame 2295
Redirect Chain
  • https://hal90002.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=9e402249d7&subid=&uid=9aea150153057ab1&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90002.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=9e402249d7&subid=&uid=9aea150153057ab1&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=9e402249d7&subid=&uid=9aea150153057ab1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUonQVokPY77iEo2ygAe1qaTYDt2t6Khgu4_f1IgK8C4QASDm3vh9YJXikIKgB8gBCakCojANkwrIsD6oAwGqBJgCT9CjDcVg09uQqBv4xvk__UTVPHL5pvCx8Jh_RBUpdav5qv3geswrlq1zXNj221bVb8Nnu-UZ8r-o57v7OZvWVBGH-mSNhpssd5TPA7RduPefg9RkxgTcUomqHUH-vnAy_UVDTpndYsvEBuG7PE1_JBkxjwpNOyQQrMSj-oetxCJdxCF6kojhKzY3D1Cts2B6QO4nxde1wR0e7BqHiINoeV1tpaYFnW4Iw3IhOeDCQ33AFgoRWs48vmx7eHxIcE9JvDHjMnh47_onFnv3Z-920QWh1pLGJ4tHLuPPk9lkg_cFOTDgT-tQwFaUsTjf10bxulFE86nnqmDlFzkGIdR4J7gr81yJZwmuUNzMdolSYwjR-d359R0_ecAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORo1ZdXs_-CgFo2R_bb0sZPRHXa9aAQzmxP-9QWQw2TFSstvOX_I8s%26sig%3DAOD64_3w8Fteqf3Xc3Y9hxTlIq2J8z7Ang%26client%3Dca-pub-4922954394584665%26dbm_c%3DAKAmf-BNLtYooUwo1UjHCmPwdjQiWfUzsiVGRrL2Q8tMA82WdIZnSWN_c4z2BnZM21CahHU1tNt_dEsfanf9pSEgbtQGgpdb_iFuxQdnC0ehlYvTHuTEXSW8c_dlPVXdQgN3CREPNtwjM8iYC4a2PhJD0bRqdXg8sw%26cry%3D1%26dbm_d%3DAKAmf-BId5PRRG_ZdeUGgYE-LgxEKYI9bnnmTI2xGTw2b_ixDx3smJUx6uA4CEXlu5B2gu5OsYEfy-eO-w5LdR0aMGOowE9uK9PYUsI_iafZUMVE-S4BT4fxutHhxvwNKK65pa0UYdm_GRH6nGjBKyLZf3_AEmAGrhNE2SKTRFprnDEfct692AGAb28dewSba-qb4glRw-g0eXfq75n0UvN33OBhMXqXTE_Bqdn5ol8bsOfo0usFefMx___NX-iLDiuVUCDMHP9Vw_9ZUnaTEMFBA0pLUU3OKnjXldsE17TTZEQq1bsN5BwQhKZcg-bfSEsyP8eShcan2NJ3Tj62tDiZx1fLWba9lqx2lZHL_x_GQ1Le6dpdIXIxK4Mid4Ntr1WVrKO9bg_VoDUosVevn7biBrVwrq_xQqveYiP6Yfe0GKqQ95lezd7kpPilMOP2fTruLonCCtY4cvNtQUQ8Mirf23omHc2WDt_l_VQiLrhLllufDB-nEidd2A1Bnmq2BKu5jeLjvw4SQNFk1W2bPffkjpIZwc9Oew%26adurl%3D&documentReferer=https%3A%2F%2Fwww.publinews.gt%2F&ancestorOrigins=https%3A%2F%2Fwww.publinews.gt&random=9769128962088&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
a90fd7584941cb6a17c40a8a26a529e0418fa2bc58ded6347025a7c0b346acb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:23 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
50921200115005400757589012068002
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
726
Expires
Wed, 31 Aug 2022 17:16:23 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:23 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=9e402249d7&subid=&uid=9aea150153057ab1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUonQVokPY77iEo2ygAe1qaTYDt2t6Khgu4_f1IgK8C4QASDm3vh9YJXikIKgB8gBCakCojANkwrIsD6oAwGqBJgCT9CjDcVg09uQqBv4xvk__UTVPHL5pvCx8Jh_RBUpdav5qv3geswrlq1zXNj221bVb8Nnu-UZ8r-o57v7OZvWVBGH-mSNhpssd5TPA7RduPefg9RkxgTcUomqHUH-vnAy_UVDTpndYsvEBuG7PE1_JBkxjwpNOyQQrMSj-oetxCJdxCF6kojhKzY3D1Cts2B6QO4nxde1wR0e7BqHiINoeV1tpaYFnW4Iw3IhOeDCQ33AFgoRWs48vmx7eHxIcE9JvDHjMnh47_onFnv3Z-920QWh1pLGJ4tHLuPPk9lkg_cFOTDgT-tQwFaUsTjf10bxulFE86nnqmDlFzkGIdR4J7gr81yJZwmuUNzMdolSYwjR-d359R0_ecAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORo1ZdXs_-CgFo2R_bb0sZPRHXa9aAQzmxP-9QWQw2TFSstvOX_I8s%26sig%3DAOD64_3w8Fteqf3Xc3Y9hxTlIq2J8z7Ang%26client%3Dca-pub-4922954394584665%26dbm_c%3DAKAmf-BNLtYooUwo1UjHCmPwdjQiWfUzsiVGRrL2Q8tMA82WdIZnSWN_c4z2BnZM21CahHU1tNt_dEsfanf9pSEgbtQGgpdb_iFuxQdnC0ehlYvTHuTEXSW8c_dlPVXdQgN3CREPNtwjM8iYC4a2PhJD0bRqdXg8sw%26cry%3D1%26dbm_d%3DAKAmf-BId5PRRG_ZdeUGgYE-LgxEKYI9bnnmTI2xGTw2b_ixDx3smJUx6uA4CEXlu5B2gu5OsYEfy-eO-w5LdR0aMGOowE9uK9PYUsI_iafZUMVE-S4BT4fxutHhxvwNKK65pa0UYdm_GRH6nGjBKyLZf3_AEmAGrhNE2SKTRFprnDEfct692AGAb28dewSba-qb4glRw-g0eXfq75n0UvN33OBhMXqXTE_Bqdn5ol8bsOfo0usFefMx___NX-iLDiuVUCDMHP9Vw_9ZUnaTEMFBA0pLUU3OKnjXldsE17TTZEQq1bsN5BwQhKZcg-bfSEsyP8eShcan2NJ3Tj62tDiZx1fLWba9lqx2lZHL_x_GQ1Le6dpdIXIxK4Mid4Ntr1WVrKO9bg_VoDUosVevn7biBrVwrq_xQqveYiP6Yfe0GKqQ95lezd7kpPilMOP2fTruLonCCtY4cvNtQUQ8Mirf23omHc2WDt_l_VQiLrhLllufDB-nEidd2A1Bnmq2BKu5jeLjvw4SQNFk1W2bPffkjpIZwc9Oew%26adurl%3D&documentReferer=https%3A%2F%2Fwww.publinews.gt%2F&ancestorOrigins=https%3A%2F%2Fwww.publinews.gt&random=9769128962088&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Wed, 31 Aug 2022 17:16:23 +0200
ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js
pagead2.googlesyndication.com/bg/ Frame 6EFE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 11:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15877
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 11:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 11:57:15 GMT
PublinewsGT
syndication.twitter.com/srv/timeline-profile/screen-name/ Frame 9C56 		156 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
32b295ff5b47514003127c298ccbee1c43d9f536146560c47b64bb0713d2ddcf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Xss-Protection 0

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
must-revalidate, max-age=60
content-encoding
gzip
content-length
13957
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 16:16:23 GMT
etag
"26e17-RygiWvns6prX++czruMJXToEzbM"
server
tsa_o
strict-transport-security
max-age=631138519
x-connection-hash
2f259f94a17e2ea9dbe19c47c0803ce3c3dbd00f780d177cf6f50e55a674a06c
x-response-time
498
x-xss-protection
0
/
c.mgid.com/pv/ 		0
66 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1661962583463825179578&uniqId=12bcf&lct=1661299200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&lu=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=630f8957-0f694&pageView=1&pvid=182f4b07da794a4bf21&site=708914&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
743712034aa19097-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
f0737e64-962c-4c3d-a637-f9ce775bc137
https://www.publinews.gt/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.publinews.gt/f0737e64-962c-4c3d-a637-f9ce775bc137
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B784 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Wed, 31 Aug 2022 16:16:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18866865
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdzWo6yyYfJt8JnwfF0PALeDcFgRdvpaLNfzVV5bCM8p2UDKQkHxuvL2hUlens0qhNmdga02N%2BIsf9zEeRRZtGW7xLo81hu69xhCBmYCIjcfQKfcDry9Eh7shRtiGNRCrchYIQb5l0dJZG%2Bh6pSO%2FMg%2F"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
743712035db75b38-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
frame.html
ad4m.at/ Frame A961 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
504672
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
74371202fc42bbb0-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 16:16:23 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aO5VjMUbZ5PpuXX1S9%2FvUS0GDetP6NbLBb2nunMTmlK1RelDDtGn4Hwk3WAl9nuJQH875VvAXv8vjpoyGUu2nDCXG6fqVCdB2g21gmeCMHDqmWZyWBdSxUiDgPJScfu4PSIhbPg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
collect
cdn.firstimpression.io/tracking/ 		2 B
409 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/collect?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-112.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-id
oXEGUiC4F9etfgcB20a3U3sUAYw8ayq5Jj70lBcfmK6rnxSRMA06IA==
rum
dsum-sec.casalemedia.com/ Frame 4161
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4lR5yZuGZjQULyilTr5rg&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4lR5yZuGZjQULyilTr5rg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYtY7FwwEwAQ&v=APEucNVIvcP4MraefIYEf0igkgpdw1E_eWWIzQsPb9JL0fONSM8d2NZsYmKlNWj7FXLE8_rtYgpuI2Yg3cDeba7dgbxSGim-irSoMHCu-SNLZM0EF6ENKFTIccDzVNLT6C8XsacNxHpA7oi8EwtIvyVXBdoht_d7ebz7C-sYuucIPtsaYs0FDGE
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
743712039da06945-FRA
pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzP93xbHqJUXipP9aaTPGVwN0%2Fhy9L4rSjSeVIywS%2FH2s93R%2Fo4KEP6i%2FbL62k2iIbfsE42haLYeVsrt0CvvsetYGHoHAPYayl1PZiP7C33MPNVG7Fh3Ac5ahQwP%2FAKUvCUr3D%2FjHLl9Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4lR5yZuGZjQULyilTr5rg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4161
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yw.JV2VdAdTCKpuRnEKM-AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4lR5yZuGZjQULyilTr5rg&google_cver=1&google_hm=2
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4lR5yZuGZjQULyilTr5rg&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYtY7FwwEwAQ&v=APEucNVIvcP4MraefIYEf0igkgpdw1E_eWWIzQsPb9JL0fONSM8d2NZsYmKlNWj7FXLE8_rtYgpuI2Yg3cDeba7dgbxSGim-irSoMHCu-SNLZM0EF6ENKFTIccDzVNLT6C8XsacNxHpA7oi8EwtIvyVXBdoht_d7ebz7C-sYuucIPtsaYs0FDGE
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
74371204bf516945-FRA
pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHUr5OxLuDhOVWJD1eujNt5cLduE2X5QrpdYFAwvgjKRE8zhTXwTF0gKvME488g148EafG3%2FGMU8XpCenszTKnLFjrw9n2KhMsTdGQZKkj1u%2BAxK5IGBXeeXEcXGzsDuueByuBOce4JT3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4lR5yZuGZjQULyilTr5rg&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4161
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEN_5Wqu3FT5vusPpgxQ0xRM&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEN_5Wqu3FT5vusPpgxQ0xRM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYtY7FwwEwAQ&v=APEucNVIvcP4MraefIYEf0igkgpdw1E_eWWIzQsPb9JL0fONSM8d2NZsYmKlNWj7FXLE8_rtYgpuI2Yg3cDeba7dgbxSGim-irSoMHCu-SNLZM0EF6ENKFTIccDzVNLT6C8XsacNxHpA7oi8EwtIvyVXBdoht_d7ebz7C-sYuucIPtsaYs0FDGE
Protocol
HTTP/1.1
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:23 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
8f10254a-30b6-428b-a737-eae9dc97ae98
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEN_5Wqu3FT5vusPpgxQ0xRM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4161
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Mzc5NTgyMTk5OTA1NzM0OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Mzc5NTgyMTk5OTA1NzM0OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYtY7FwwEwAQ&v=APEucNVIvcP4MraefIYEf0igkgpdw1E_eWWIzQsPb9JL0fONSM8d2NZsYmKlNWj7FXLE8_rtYgpuI2Yg3cDeba7dgbxSGim-irSoMHCu-SNLZM0EF6ENKFTIccDzVNLT6C8XsacNxHpA7oi8EwtIvyVXBdoht_d7ebz7C-sYuucIPtsaYs0FDGE
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:23 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
7a8a9a38-7b00-4045-bbdd-59e6ff387ebd
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0Mzc5NTgyMTk5OTA1NzM0OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 85EA 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
Origin
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 07:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Sep 2022 07:50:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/elements/html/ Frame 85EA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cc23gTHtn92VKCeOQnEDYK7lcsIkfshRH1RyHzmlG8hskWUJff7hvqcRNnxGfHwBvaI7CV-7GMb5vOeKSAE_l_sSIYvDRe8VTk-_75M7yLbGcrYPz06tQKSF5DN10JJJ0k-MBDb3yn4tjCnmYLv6jK0fkH6g&dbm_d=AKAmf-DNuYs0i0G0CLc8ghzhria7mlEksFKhluN-FCUir7ltaU9zXusU8YaPHTtwLVoBxjBJeSsckGZTcu3Ij9YhfCVxEgbngX4rBpfLl8jtaVHkjXGiK_vdk5Ml-kgY_7be4deyZAvIUFVyC4P9jaWj219InWeeVs2A04jJJunmEHD_FbTGfrqOJOVjAytq-HxW-LfeFvDpSXkW1Ypdl25-xHIyVaoGVRVn37DNisKCz-PWFxEePavcOj2Q4-MgbltFcRDwe6L95Lq_-C19kbanNLfi4hO2GaaCt4dDhWj_gmRbJRxYHmbCDpvmZ62ABeKWgt42rILVbucCYvt2nPkzRhHzHgTbLSl49bn45ouzLO6qpD2vKELUP2hldoeHvdXxRRpt8XL9jD2jco5dtKh3MEXsb1gSQ3zDWX_ebUohF5WVf55OnZ0RV7JVZpzmJKgjU2DcwPStsLJpPpvI5kuDVGwjub_FxJUm0AMOiUi6AQz91hZY1-ZOkoTq_2V7W1dfSVdgKTntJ-FlIKJ-4q6gNx_w-jbjs8hv4CAkTF9sLyfv4C2uZRwgthvfWLjCMUaRHmdIHYj-FPWcFLZwqGHa_kgNzQlyTSPX1-KgnlmIReSuyfOO_6nZhkofRaC0AzOS3MoLJI-R3TeikPp05Z00m4lbcAjvdjxVOHp_Y0FyfYMKtnXmv4dSX5Aiw9rYa9S09nzjT3LlYcdeWG7U3VK6B9P9TKwGlJMM4TuGKA2Jit3_ftcCl2nWTvlI30rXcC16U9V8otkF5-yEQM3DaKTuKg7o5JekJ9kzlB1Txw15zXx3JPNyrhsmhXMYNQniOBqJxKJpaX4bhYvQNgdPG7QfQSHgtI44GdNRqLrZb8WUknJVaI7dzEaVsoMnV1f2LsaBaF4BRFreAqTG9JU8agZ1vLXANNxC-YcjHlUq5-GJEWTH47b32aK3b3Ofu235842mrl0xoeouvyuCpp677mrSObsOVuT5vtpijjUi9OBAiUBN4j2t6JgfJYMlhKmCOjFzIE6ly0mpvoMBpF_GJpYh8hoimEhJ3Y7MS1Bi6up4h9aIR8Kbbptu-Du63g46J_t1vtPe2EljLFc5CZuaf3P91MCY27LwqgrDyfFpIXAqzrkYL196zWUCdQ_Htp5XV2SqZlUTFyEstbq0DGYrkn6i8iW-EPZXVmu-cAmRspjsH-AW9MgOPPhqcNB17TZ6ERaigsJck25u8YHVXYc5PbtqZDxAbK4xXm4eHBL1rxOHi1meuZt3liOvEgghkFw4H2F_O4Ch2ZGjgEhO66CXeI2HcKWgGwkEPLj2B35-VPqq6Y9s9vGpCpd_qyjGbF1ZPgtl8zZUamTQN2SGWgAzEdJx5Fc2m-MyEi_xjl-6iO70VCXXAw_xSzqsAoJC2ZPzOlDId9vac1tlmoXTHt20Oc10_gsiRIry_MzeVx1tWGIUVEploCyb6rJFBpV3sQYtWBzuraUAa4XbE67dJ-BzImx0T0czHodfU0ucac36rBYQ9nFQAAGcdMgQ2FO7f9_Y5b21NlZJCzW785ZDalsOsXXQSJ7lCZnjvNGxo8UdLejBZN2aj7yJ1EKV8C4sArO4m-57v0Zn5iihucYmqg3DjC9HNbWDOXaFmeSJVoZ_8C3EHxwOyX4EJOhUHTks7uSihaDemNAeXwRrFsv644fhEvG22bfiPKzVZrr5nmhZed222C8pATzNPnZkTHFL9omS9N2-iomIke0G1kEGBJgK6dkJnuyKdIOOsXGqOgxRrEfcxOlfvsaWhBelXNzrjoEVhHubz10tyJiid6BBZfN-vdYm7eCUDpge_tVTWewy-61mTX4lHyW6K0onq_jSHssVA7Aa1oZvDyEFbwIs4hEFkPgewjG41ibMgWr6_t7pE5WksFksXPoJJpFABKJqFCBAlBPCYb-oPw41niWPjK1-EFq-s-3yhU4ZJwwHlupHHsbbkJ3ag4cbxSXM4d60xSg0rYKZc2GNU9V712WF5ttNdw3gcSgeGyRx3reDZl8vxIIJ1oR2pYWZ2e06KvUtMgG-8jxM2yUarwHEAX73p17YgECtlWca1ORiAeTsniYWMP-80-8E7fxqHQwv2PRyW7isri6rkuGPr004-YkAsL2W7EOwmNH4XmDMc4XWEU4DLHg-3NVC1flb0PdUiAGANdHDLOmcw01FNRzi272skhq2gGQvdjhV9-a49gc15VYyQ5mQXiFxBREkwiih41S2kgRjC3uSwVzUwKEytgcKhRThgH2h9vmHfX5c-k059VxhTAqmhtfit84dNTmed6QB9SzQOVZDi5kS3VmE200-x8A6LKc5zEqL6IlnlRh6aNlIGcxYw4CEUzJCJdwS5uR9w_-hODR6fhMcAq3JclWejkUfJcW8FZs9UXz4iuYGmw5Mhg5rhw3NaV9vhoxm6DPdjCqLskqNYSaXL1gEF74CXB0-G_j0n44sD4Ha_6l_zSTsJlIthxHZcfXB6gFp8bsiuwanIGMXLABzpdYqlbqyVsZxelSg9pPPINICDNulnuxCtI7Gspcr5G7U-Usg--4G17V4lXXSO7S6HW_9um6hFMDpRE_k9GNF0zyT5jDAmLckDLWVwcTQUQGceowaKXH4LYLOHCLT-BevUxYQWEp4C3a0YJG8TfeEAYvS4CIIyPFBUhM2MZTCjjX_pIqQg6W7RREQSt_r1C5KM4s35WyiIuKMyErp0anjmckeSdeBpPpruDz4_nSQv5X2MZlsqej1AM7MmXPuiw7OpW4hJfkH3LMScd8RUPsl3rzEx823mF9GhyNTgTFwZYB-gTtDQ-KR-44pr0H0yQdPKVfnZS039J8Ju1ApuY9dY-35RZn0hMe-EAeQR7yLFJn7E0v9ixDOlTuC7Jc0WuIcV7cysTy8swbgXxUV554h25ladacflgm87PCKKX8VRoM92sla9Z6HdvVxc9StSG59LO8TnkhRA5nYpfr1qPGcuTyc6bEcD4byhbKv1rKITUI1IikQDdAAFfxVgUZknX3b2QTnWLu61civez-5hFIPt4vQUqBPKr_ZFFyz8Nomg1Vjj_VXGY391qphduO5_ABxD3CxwUkBa686UZFt7N3r1s5LYHz2AdwX4SK7bhlhv3qKGDdVYXKc5tQFzkm5l_bnXjme8FE84oA_JoQAP403YLO_XLtOzLChVcuxQrc9ChLCo1lmviTKobkubNYkFfUt8NYH6vGg66yKymUgKX2BXlA1M6uLhzc3tXufuT9zsSg0CI0ZEtYH7BwUQXdqldd0NPJdZLPOLsC-DRM2gEfqFWFf3w&cid=CAASJORowU4SY5iXnHV-_fiXB2-aUM8C1NPzPwRPhqOw7uHPrKRN7A&rfl=1%2Chttps%253A%252F%252Fwww.publinews.gt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:14:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 16:14:54 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame 85EA 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cc23gTHtn92VKCeOQnEDYK7lcsIkfshRH1RyHzmlG8hskWUJff7hvqcRNnxGfHwBvaI7CV-7GMb5vOeKSAE_l_sSIYvDRe8VTk-_75M7yLbGcrYPz06tQKSF5DN10JJJ0k-MBDb3yn4tjCnmYLv6jK0fkH6g&dbm_d=AKAmf-DNuYs0i0G0CLc8ghzhria7mlEksFKhluN-FCUir7ltaU9zXusU8YaPHTtwLVoBxjBJeSsckGZTcu3Ij9YhfCVxEgbngX4rBpfLl8jtaVHkjXGiK_vdk5Ml-kgY_7be4deyZAvIUFVyC4P9jaWj219InWeeVs2A04jJJunmEHD_FbTGfrqOJOVjAytq-HxW-LfeFvDpSXkW1Ypdl25-xHIyVaoGVRVn37DNisKCz-PWFxEePavcOj2Q4-MgbltFcRDwe6L95Lq_-C19kbanNLfi4hO2GaaCt4dDhWj_gmRbJRxYHmbCDpvmZ62ABeKWgt42rILVbucCYvt2nPkzRhHzHgTbLSl49bn45ouzLO6qpD2vKELUP2hldoeHvdXxRRpt8XL9jD2jco5dtKh3MEXsb1gSQ3zDWX_ebUohF5WVf55OnZ0RV7JVZpzmJKgjU2DcwPStsLJpPpvI5kuDVGwjub_FxJUm0AMOiUi6AQz91hZY1-ZOkoTq_2V7W1dfSVdgKTntJ-FlIKJ-4q6gNx_w-jbjs8hv4CAkTF9sLyfv4C2uZRwgthvfWLjCMUaRHmdIHYj-FPWcFLZwqGHa_kgNzQlyTSPX1-KgnlmIReSuyfOO_6nZhkofRaC0AzOS3MoLJI-R3TeikPp05Z00m4lbcAjvdjxVOHp_Y0FyfYMKtnXmv4dSX5Aiw9rYa9S09nzjT3LlYcdeWG7U3VK6B9P9TKwGlJMM4TuGKA2Jit3_ftcCl2nWTvlI30rXcC16U9V8otkF5-yEQM3DaKTuKg7o5JekJ9kzlB1Txw15zXx3JPNyrhsmhXMYNQniOBqJxKJpaX4bhYvQNgdPG7QfQSHgtI44GdNRqLrZb8WUknJVaI7dzEaVsoMnV1f2LsaBaF4BRFreAqTG9JU8agZ1vLXANNxC-YcjHlUq5-GJEWTH47b32aK3b3Ofu235842mrl0xoeouvyuCpp677mrSObsOVuT5vtpijjUi9OBAiUBN4j2t6JgfJYMlhKmCOjFzIE6ly0mpvoMBpF_GJpYh8hoimEhJ3Y7MS1Bi6up4h9aIR8Kbbptu-Du63g46J_t1vtPe2EljLFc5CZuaf3P91MCY27LwqgrDyfFpIXAqzrkYL196zWUCdQ_Htp5XV2SqZlUTFyEstbq0DGYrkn6i8iW-EPZXVmu-cAmRspjsH-AW9MgOPPhqcNB17TZ6ERaigsJck25u8YHVXYc5PbtqZDxAbK4xXm4eHBL1rxOHi1meuZt3liOvEgghkFw4H2F_O4Ch2ZGjgEhO66CXeI2HcKWgGwkEPLj2B35-VPqq6Y9s9vGpCpd_qyjGbF1ZPgtl8zZUamTQN2SGWgAzEdJx5Fc2m-MyEi_xjl-6iO70VCXXAw_xSzqsAoJC2ZPzOlDId9vac1tlmoXTHt20Oc10_gsiRIry_MzeVx1tWGIUVEploCyb6rJFBpV3sQYtWBzuraUAa4XbE67dJ-BzImx0T0czHodfU0ucac36rBYQ9nFQAAGcdMgQ2FO7f9_Y5b21NlZJCzW785ZDalsOsXXQSJ7lCZnjvNGxo8UdLejBZN2aj7yJ1EKV8C4sArO4m-57v0Zn5iihucYmqg3DjC9HNbWDOXaFmeSJVoZ_8C3EHxwOyX4EJOhUHTks7uSihaDemNAeXwRrFsv644fhEvG22bfiPKzVZrr5nmhZed222C8pATzNPnZkTHFL9omS9N2-iomIke0G1kEGBJgK6dkJnuyKdIOOsXGqOgxRrEfcxOlfvsaWhBelXNzrjoEVhHubz10tyJiid6BBZfN-vdYm7eCUDpge_tVTWewy-61mTX4lHyW6K0onq_jSHssVA7Aa1oZvDyEFbwIs4hEFkPgewjG41ibMgWr6_t7pE5WksFksXPoJJpFABKJqFCBAlBPCYb-oPw41niWPjK1-EFq-s-3yhU4ZJwwHlupHHsbbkJ3ag4cbxSXM4d60xSg0rYKZc2GNU9V712WF5ttNdw3gcSgeGyRx3reDZl8vxIIJ1oR2pYWZ2e06KvUtMgG-8jxM2yUarwHEAX73p17YgECtlWca1ORiAeTsniYWMP-80-8E7fxqHQwv2PRyW7isri6rkuGPr004-YkAsL2W7EOwmNH4XmDMc4XWEU4DLHg-3NVC1flb0PdUiAGANdHDLOmcw01FNRzi272skhq2gGQvdjhV9-a49gc15VYyQ5mQXiFxBREkwiih41S2kgRjC3uSwVzUwKEytgcKhRThgH2h9vmHfX5c-k059VxhTAqmhtfit84dNTmed6QB9SzQOVZDi5kS3VmE200-x8A6LKc5zEqL6IlnlRh6aNlIGcxYw4CEUzJCJdwS5uR9w_-hODR6fhMcAq3JclWejkUfJcW8FZs9UXz4iuYGmw5Mhg5rhw3NaV9vhoxm6DPdjCqLskqNYSaXL1gEF74CXB0-G_j0n44sD4Ha_6l_zSTsJlIthxHZcfXB6gFp8bsiuwanIGMXLABzpdYqlbqyVsZxelSg9pPPINICDNulnuxCtI7Gspcr5G7U-Usg--4G17V4lXXSO7S6HW_9um6hFMDpRE_k9GNF0zyT5jDAmLckDLWVwcTQUQGceowaKXH4LYLOHCLT-BevUxYQWEp4C3a0YJG8TfeEAYvS4CIIyPFBUhM2MZTCjjX_pIqQg6W7RREQSt_r1C5KM4s35WyiIuKMyErp0anjmckeSdeBpPpruDz4_nSQv5X2MZlsqej1AM7MmXPuiw7OpW4hJfkH3LMScd8RUPsl3rzEx823mF9GhyNTgTFwZYB-gTtDQ-KR-44pr0H0yQdPKVfnZS039J8Ju1ApuY9dY-35RZn0hMe-EAeQR7yLFJn7E0v9ixDOlTuC7Jc0WuIcV7cysTy8swbgXxUV554h25ladacflgm87PCKKX8VRoM92sla9Z6HdvVxc9StSG59LO8TnkhRA5nYpfr1qPGcuTyc6bEcD4byhbKv1rKITUI1IikQDdAAFfxVgUZknX3b2QTnWLu61civez-5hFIPt4vQUqBPKr_ZFFyz8Nomg1Vjj_VXGY391qphduO5_ABxD3CxwUkBa686UZFt7N3r1s5LYHz2AdwX4SK7bhlhv3qKGDdVYXKc5tQFzkm5l_bnXjme8FE84oA_JoQAP403YLO_XLtOzLChVcuxQrc9ChLCo1lmviTKobkubNYkFfUt8NYH6vGg66yKymUgKX2BXlA1M6uLhzc3tXufuT9zsSg0CI0ZEtYH7BwUQXdqldd0NPJdZLPOLsC-DRM2gEfqFWFf3w&cid=CAASJORowU4SY5iXnHV-_fiXB2-aUM8C1NPzPwRPhqOw7uHPrKRN7A&rfl=1%2Chttps%253A%252F%252Fwww.publinews.gt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:14:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11766
x-xss-protection
0
server
cafe
etag
14053427913132020778
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 16:14:59 GMT
container.html
b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 359B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 16:16:22 GMT
expires
Thu, 31 Aug 2023 16:16:22 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/8237273814928596136/ Frame ADB5 		158 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8237273814928596136/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95d7d3083e81afabb7f98081004127210be1edf60e170cf14b091a014c554205
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 00:33:15 GMT
x-content-type-options
nosniff
age
315788
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161579
x-xss-protection
0
last-modified
Sat, 16 Apr 2022 08:29:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 28 Aug 2023 00:33:15 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame ADB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CVnYGVokPY9SfLszEtweA_rewCKHvg9dptICxjKEQ3aq81_ICEAEggrzqJGCV4pCCoAegAdCU58YoyAEJqQIbp_t6LyCxPqgDAcgDywSqBJACT9CFt7OpCi_PNaWmL420FhWvRKmWuf5XqW01pmG0luwVrst0ITQBdG_w697903TO-XrHsOdGroK5y5Fhy8YCSqjkfLqNtZbHLc_W-mXhXl4XeTrnzRpuHN9u0pjAOqudt82x-Uovx16nHfsMDFdT_KxP-NhB8RUjzwnIwRUrScH-OPNPePytaYbt-OhcbEJ9z7Gcpg1EUrzIaPFZLhv2b3MSX-QsaebpgXRUzEmA07DZ8oB5XCtXXHJlUaaincomEMFjp-hJ3nJRLEyGEMRB6KNbNkkmjE_HUOQPE_5FRm8kxCaQKvWiveZnx_l-eQgGCH069djhLgA9PuzPTE3zZt1m3y7EqzYr3lzbNTR3Nw_ABKvl8Pv3A5IFBAgEGAGSBQQIBRgEoAYugAfQzLemA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENmIGNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTCtAVAYAXAbIXHAoaCAASFHB1Yi02MzgzNzY0Njk4OTk0NzA3GAA&sigh=pAetFKxTiE0&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 31 Aug 2022 16:16:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3710 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
38657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 05:32:06 GMT
etag
48472445140208031
expires
Thu, 01 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame ADB5 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fec50f77d2bb360260dbf8f592354dd5c9fd9a77a80e5bb6df38c59cb135a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame A312 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSEATPy_rP73XrGUe8qb25Z6vKIi-E5a_8N3TsWgp78zO3mbj90KbmYCM9EOikCsGuTYCxEUnSotPAPn-5-1ukpvvcVM9Jlve9M7PShjmAoGpV1uprhn28RBfs0pXQSyIF_dCG9W40s0OGLUtQtmCZlTQbuVKJKiNBtJtZ8xyKMhCBEhnABs7VkB3S9cV9ZhoXaP4m71C9HkPQAXBYORJAIHtBbtUoTdMMdIMr6EgVlv3WEDTjNs9uPDixdeIu-hrIWclnM-s_0OgqUARfwX2GPGOKSrDSRoNTVnkCMNzhBui9uQgDq-kiZBRN-PKaCrOfy48rD-h-Pbgj1ty1&sai=AMfl-YSAbRbkwOMSFrBchg2eeBU6rpBL_yhEkoc7Ko5wIDdDChuABy9-pi_woZdi6u1Bu7UiUHzjuKSafHaUmXcrD2VQRLL06Ab7hKgj64_VsCe1SD6CAIugtOACoefDZK-cpQ&sig=Cg0ArKJSzMlgFCI_pY9VEAE&id=lidar2&mcvt=1030&p=8,0,808,1600&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20220829&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3023400616&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661962582419&rpt=166&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
br
cf-cache-status
HIT
age
3087
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
67ZG7SP8DNFCVTQJ
x-amz-id-2
gBBZPLDQhKmBhK7vlxlqP6K64w2SI1HbhmOh1XyJ5zYwBFOmN7k53HNoa9ktypS8UDIE4nfJgXw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
74371203db439097-FRA
expires
Thu, 01 Sep 2022 16:16:23 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
br
cf-cache-status
HIT
age
1987
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQP2P0ZGAY0CMXJ
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
74371203db3f9097-FRA
expires
Thu, 01 Sep 2022 16:16:23 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame F4DF 		388 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5968deed67db36c17098f115d0fd4318e4ef3616b6c3541da921599e64689040

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv9k9cVq92mzNjQVAEk3nvYbWP81vYa42IhLQcO_UqBEfQrr1FitHi7LAqfkL5AI4NrQPmuuFWEDYlCVibPbBi9eG6ZuaDm
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
111996
last-modified
Tue, 30 Aug 2022 07:41:05 GMT
server
UploadServer
etag
"39abf610a1c41bfb1963220128a9136d"
vary
Accept-Encoding
x-goog-hash
crc32c=ixGcvg==, md5=Oav2EKHEG/sZYyIBKKkTbQ==
x-goog-generation
1661845265455307
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=300
x-goog-stored-content-length
111996
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 31 Aug 2022 16:21:23 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 85EA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 04:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 04:57:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2FDB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
38657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 05:32:06 GMT
etag
48472445140208031
expires
Thu, 01 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 85EA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59fd35519fa1bddd6988726bc9326f0c9c0149342d486a62baa39455de2521df

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 359B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C16wUV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJECT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v8Y_Zc8xW_j3PUi-n0wBVGZq-DHqiY3_5fJpDA__-bj-Ep_agznS4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00OTIyOTU0Mzk0NTg0NjY1GJysHA&sigh=Xq-tBHFoTWA&uach_m=[UACH]&cid=CAQSOwCsnQUxDkqn7e9z17LTiuF3ZYM4WK8d-TdtVL22hZ11C7Lxtoo18m_7gVdCC3iGcAdZ451V8peHSbfEGAE
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 359B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hfxm762xg9q4a4me53ezwvp2a97bc198bb7r8et3tdgfsq14sshn33tenar238pxymqdrhyrfheejj7rchrvhgm8jxqar4k0myvwmvzx7x22111gjhpjva8dxmkzeat0s76jgnxrkkay1q1paqy0jsskgzf17cre0p80bb1htaap20sb7kv135pg1apc46n6kkt0j6qrxbb5n1m5sv017ge60ymnsqe1n5sr2d5jzg0vqv8aktmhwbc2ppwncf0ycg2jedzqmpcavnezcs00bfkmsx2daszwc00ffcgbjwear6m956yg0swcqwcapdart28c25x8zet4hzsp3ax59sdrn8fgsq7670r0rdwcak2jmwswt3qm9xtbvwwejb6swsmbrqm2t6krd1zjrf8md0&b=Yw-JVwADoFgIEcYqAA1aWacr-Y-rJdRBVk2QkA
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 31 Aug 2022 16:16:23 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame BD17 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1g0v40230c0n8d1564xeqdx28h7z65jw06mhnsbccs7hwzena23ft2p0mhtempw42sxmyrh3cnjkzbse9rq8rn2qda1rdsw9jdjrvw3ya09sd32h71aycevk8b9g11y55vx5f5qb62nbwx13y66q7p3w3b32ny1w74tq5jwcafvrk4015v33n6ct409ypbngvhf2sgns9q3g5bjadzcq975q4cj3qw9p4h12mqxqw4qs9qm0kzn182v62pk9thv37k01b8mbhbtcg5b97bkt7stgmpyjtwwrbeewsrrx084e88g5yzvt4a6fc4vk6706qdszm8cp5a0gsxqd8j67nsz7jr07ytve2g08s57cn73sacs356q4ws4wktm26262xj4srkessc2ww3hx2f1avrvf1d742skdq0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%26client%3Dca-pub-4922954394584665%26adurl%3D
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac03889c4d85051440e557213320be62d5afe4bb76d16d60baba2bd0f92148de
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
743712054898bbb0-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 16:16:23 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 359B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 16:09:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AD89 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
38657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 05:32:06 GMT
etag
48472445140208031
expires
Thu, 01 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 359B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
808
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 16:02:55 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 359B 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 20:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 29 Aug 2023 20:25:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 359B 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44757
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661773661488070"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 16:16:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ADB5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEmJhbm5lckJXaXRob3V0Qm9keQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAAA5QDAECg0QAyEAAABoZuKLQDAECg0QCiEAAACAZmYmQDAECg0QDSEAAAAAAAAAADAECg4QHioIMTIwMHgyODAwBAoOEBkqCDEyMDB4MjgwMAQKDRAOIQAAAAAAAAAAMAQKDRAEIQAAAJqZQYxAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAAENAMAQKDRAFIQAAAAAARIxAMAQSGkNOU2lnSXU5OGZrQ0ZVemk3UW9kQVA4TmhnIhdzY3JlYW0vdGhyb25lX2ltYWdlX29jaCgR
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view.aspx
pb.media01.eu/ Frame DE7B
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873e8585f37a737853a?subid=50921200115005400757589012068002&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=50921200115005400757589012068002&actionid=981741&produktid=&dt_url=
0
629 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=50921200115005400757589012068002&actionid=981741&produktid=&dt_url=
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=9e402249d7&subid=&uid=9aea150153057ab1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUonQVokPY77iEo2ygAe1qaTYDt2t6Khgu4_f1IgK8C4QASDm3vh9YJXikIKgB8gBCakCojANkwrIsD6oAwGqBJgCT9CjDcVg09uQqBv4xvk__UTVPHL5pvCx8Jh_RBUpdav5qv3geswrlq1zXNj221bVb8Nnu-UZ8r-o57v7OZvWVBGH-mSNhpssd5TPA7RduPefg9RkxgTcUomqHUH-vnAy_UVDTpndYsvEBuG7PE1_JBkxjwpNOyQQrMSj-oetxCJdxCF6kojhKzY3D1Cts2B6QO4nxde1wR0e7BqHiINoeV1tpaYFnW4Iw3IhOeDCQ33AFgoRWs48vmx7eHxIcE9JvDHjMnh47_onFnv3Z-920QWh1pLGJ4tHLuPPk9lkg_cFOTDgT-tQwFaUsTjf10bxulFE86nnqmDlFzkGIdR4J7gr81yJZwmuUNzMdolSYwjR-d359R0_ecAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORo1ZdXs_-CgFo2R_bb0sZPRHXa9aAQzmxP-9QWQw2TFSstvOX_I8s%26sig%3DAOD64_3w8Fteqf3Xc3Y9hxTlIq2J8z7Ang%26client%3Dca-pub-4922954394584665%26dbm_c%3DAKAmf-BNLtYooUwo1UjHCmPwdjQiWfUzsiVGRrL2Q8tMA82WdIZnSWN_c4z2BnZM21CahHU1tNt_dEsfanf9pSEgbtQGgpdb_iFuxQdnC0ehlYvTHuTEXSW8c_dlPVXdQgN3CREPNtwjM8iYC4a2PhJD0bRqdXg8sw%26cry%3D1%26dbm_d%3DAKAmf-BId5PRRG_ZdeUGgYE-LgxEKYI9bnnmTI2xGTw2b_ixDx3smJUx6uA4CEXlu5B2gu5OsYEfy-eO-w5LdR0aMGOowE9uK9PYUsI_iafZUMVE-S4BT4fxutHhxvwNKK65pa0UYdm_GRH6nGjBKyLZf3_AEmAGrhNE2SKTRFprnDEfct692AGAb28dewSba-qb4glRw-g0eXfq75n0UvN33OBhMXqXTE_Bqdn5ol8bsOfo0usFefMx___NX-iLDiuVUCDMHP9Vw_9ZUnaTEMFBA0pLUU3OKnjXldsE17TTZEQq1bsN5BwQhKZcg-bfSEsyP8eShcan2NJ3Tj62tDiZx1fLWba9lqx2lZHL_x_GQ1Le6dpdIXIxK4Mid4Ntr1WVrKO9bg_VoDUosVevn7biBrVwrq_xQqveYiP6Yfe0GKqQ95lezd7kpPilMOP2fTruLonCCtY4cvNtQUQ8Mirf23omHc2WDt_l_VQiLrhLllufDB-nEidd2A1Bnmq2BKu5jeLjvw4SQNFk1W2bPffkjpIZwc9Oew%26adurl%3D&documentReferer=https%3A%2F%2Fwww.publinews.gt%2F&ancestorOrigins=https%3A%2F%2Fwww.publinews.gt&random=9769128962088&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 16:16:22 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Wed, 31 Aug 2022 06:16:23 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Wed, 31 Aug 2022 16:16:23 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=50921200115005400757589012068002&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
X-IPLB-Request-ID
B9D59BA6:9BC2_91EFC182:01BB_630F8957_690E7A5:2A46B
request_content.php
hal90002.redintelligence.net/ Frame 7ECF 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/request_content.php?s=50921200115005400757589012068002&a=be0f3559
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=9e402249d7&subid=&uid=9aea150153057ab1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUonQVokPY77iEo2ygAe1qaTYDt2t6Khgu4_f1IgK8C4QASDm3vh9YJXikIKgB8gBCakCojANkwrIsD6oAwGqBJgCT9CjDcVg09uQqBv4xvk__UTVPHL5pvCx8Jh_RBUpdav5qv3geswrlq1zXNj221bVb8Nnu-UZ8r-o57v7OZvWVBGH-mSNhpssd5TPA7RduPefg9RkxgTcUomqHUH-vnAy_UVDTpndYsvEBuG7PE1_JBkxjwpNOyQQrMSj-oetxCJdxCF6kojhKzY3D1Cts2B6QO4nxde1wR0e7BqHiINoeV1tpaYFnW4Iw3IhOeDCQ33AFgoRWs48vmx7eHxIcE9JvDHjMnh47_onFnv3Z-920QWh1pLGJ4tHLuPPk9lkg_cFOTDgT-tQwFaUsTjf10bxulFE86nnqmDlFzkGIdR4J7gr81yJZwmuUNzMdolSYwjR-d359R0_ecAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORo1ZdXs_-CgFo2R_bb0sZPRHXa9aAQzmxP-9QWQw2TFSstvOX_I8s%26sig%3DAOD64_3w8Fteqf3Xc3Y9hxTlIq2J8z7Ang%26client%3Dca-pub-4922954394584665%26dbm_c%3DAKAmf-BNLtYooUwo1UjHCmPwdjQiWfUzsiVGRrL2Q8tMA82WdIZnSWN_c4z2BnZM21CahHU1tNt_dEsfanf9pSEgbtQGgpdb_iFuxQdnC0ehlYvTHuTEXSW8c_dlPVXdQgN3CREPNtwjM8iYC4a2PhJD0bRqdXg8sw%26cry%3D1%26dbm_d%3DAKAmf-BId5PRRG_ZdeUGgYE-LgxEKYI9bnnmTI2xGTw2b_ixDx3smJUx6uA4CEXlu5B2gu5OsYEfy-eO-w5LdR0aMGOowE9uK9PYUsI_iafZUMVE-S4BT4fxutHhxvwNKK65pa0UYdm_GRH6nGjBKyLZf3_AEmAGrhNE2SKTRFprnDEfct692AGAb28dewSba-qb4glRw-g0eXfq75n0UvN33OBhMXqXTE_Bqdn5ol8bsOfo0usFefMx___NX-iLDiuVUCDMHP9Vw_9ZUnaTEMFBA0pLUU3OKnjXldsE17TTZEQq1bsN5BwQhKZcg-bfSEsyP8eShcan2NJ3Tj62tDiZx1fLWba9lqx2lZHL_x_GQ1Le6dpdIXIxK4Mid4Ntr1WVrKO9bg_VoDUosVevn7biBrVwrq_xQqveYiP6Yfe0GKqQ95lezd7kpPilMOP2fTruLonCCtY4cvNtQUQ8Mirf23omHc2WDt_l_VQiLrhLllufDB-nEidd2A1Bnmq2BKu5jeLjvw4SQNFk1W2bPffkjpIZwc9Oew%26adurl%3D&documentReferer=https%3A%2F%2Fwww.publinews.gt%2F&ancestorOrigins=https%3A%2F%2Fwww.publinews.gt&random=9769128962088&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
6e1b4bca9098d1b7e3b8573bdb5835a46dec1f8677e6c95b01f989ed483a1b62

Request headers

Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2316
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Aug 2022 16:16:23 GMT
Expires
Wed, 31 Aug 2022 17:16:23 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
1
servicer.mgid.com/1129387/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1129387/1?pv=5&cbuster=1661962583798715789171&uniqId=12bcf&lct=1661299200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=1360&h=318&maxw_3=326&maxh_3=258&ident_p=true&cols=4&ref=&cxurl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&lu=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=630f8957-0f694&pageView=1&pvid=182f4b07da794a4bf21&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83be67e0dc60cffd1471cf1cdd4f47172a8235e0612050c8a007975434d369d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
74371204dc359097-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget-ssp-performance
c.mgid.com/ 		43 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/widget-ssp-performance?time=251
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74371204e8c29b37-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/gif
truncated
/ Frame 2295 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8522b8c31ff6966650be1230560444fdc95b499b335075d54fc47b9e240da671

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 3710 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM2OF742Ua-tQcXurQpm-gg&google_cver=1&google_push=AehlK4C8pthh8rV7UZJOCanjefRdFbJHOCddSXwbWxw7waKUxmP8HAslVpdyDt_pZ9rdg52eYLsxyDOQdHVrrnejmODEjqFhjes
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3710
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4Ab1lLG...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4Ab1lLG...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MzExNjE2MjQwMDA5NDgwODY0MTA2Ng%3D%3D&google_push=AehlK4Ab1lLGepcqR2ke74nZqfKmpY3fRPk8WbLxdkkEZjaTO0IvCUtx2kgoDbA0YhY7Ou...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MzExNjE2MjQwMDA5NDgwODY0MTA2Ng%3D%3D&google_push=AehlK4Ab1lLGepcqR2ke74nZqfKmpY3fRPk8WbLxdkkEZjaTO0IvCUtx2kgoDbA0YhY7Ou2U3bEq4LAtqZ12a80kprMNipcnhgI
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MzExNjE2MjQwMDA5NDgwODY0MTA2Ng%3D%3D&google_push=AehlK4Ab1lLGepcqR2ke74nZqfKmpY3fRPk8WbLxdkkEZjaTO0IvCUtx2kgoDbA0YhY7Ou2U3bEq4LAtqZ12a80kprMNipcnhgI
pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Wed, 31 Aug 2022 16:16:24 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3710 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEO3Rqpb0lNexiGeyp-1uhkM&google_cver=1&google_push=AehlK4BO8VFNovX2eN3uAAYKxZ0EaKVaOq9PeNdkSChLBfN3KvCSlofOLHiyS_ZQRBNM19UfTE_U3RYC93z1eJTQxypG8K4Piw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 3710
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELep0oPrCbym58w7RggwKBU&google_cver=1&google_push=AehlK4B0m5Hg1UrCYkk-bfDUznTSHVjhYWLVL5yo9Eua3IQ9DCg8weFhEJV8xQAQ_f7rXW7or3u...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVE0wWVItMVctOElOVQ==&google_push=AehlK4B0m5Hg1UrCYkk-bfDUznTSHVjhYWLVL5yo9Eua3IQ9DCg8weFhEJV8xQAQ_f7rXW7or3upKlpSXP2VkcvSI-iESLEypgU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVE0wWVItMVctOElOVQ==&google_push=AehlK4B0m5Hg1UrCYkk-bfDUznTSHVjhYWLVL5yo9Eua3IQ9DCg8weFhEJV8xQAQ_f7rXW7or3upKlpSXP2VkcvSI-iESLEypgU
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVE0wWVItMVctOElOVQ==&google_push=AehlK4B0m5Hg1UrCYkk-bfDUznTSHVjhYWLVL5yo9Eua3IQ9DCg8weFhEJV8xQAQ_f7rXW7or3upKlpSXP2VkcvSI-iESLEypgU
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3710
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFXBx1nPUboS6h0L4h-aXhY&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFXBx1nPUboS6h0L4h-aXhY&google_hm=Yw-JV2VdAdTCKpuRnEKM_AAABLEAAAIB&google_nid=index&google_push=AehlK4AJW_WprqGyS61w-gi8K0_ASe4HBj8N-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFXBx1nPUboS6h0L4h-aXhY&google_hm=Yw-JV2VdAdTCKpuRnEKM_AAABLEAAAIB&google_nid=index&google_push=AehlK4AJW_WprqGyS61w-gi8K0_ASe4HBj8N-eD0Rdfdc0rzt1e03IwrM5VTUZo-W7O4RUGMeJglc4YlWl-UJWWzjobFVXsUfBw
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1z7MvJU6xsxhnpjn1ibh1nlX4shP6UMcJGXdD86Go3WF83A4PGejkn%2B4rqBGIHMVZV%2FOHAnfrErf24BfmAN2tKhl%2FoH5jqMbYC7QAaojAFrdct130VmxNU%2BY7KGaKMCL7jyaEdmD2crfw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFXBx1nPUboS6h0L4h-aXhY&google_hm=Yw-JV2VdAdTCKpuRnEKM_AAABLEAAAIB&google_nid=index&google_push=AehlK4AJW_WprqGyS61w-gi8K0_ASe4HBj8N-eD0Rdfdc0rzt1e03IwrM5VTUZo-W7O4RUGMeJglc4YlWl-UJWWzjobFVXsUfBw
cache-control
no-cache
cf-ray
74371205790abbb0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
trk
ag.innovid.com/ Frame 3710 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESECaaKjr-R_7hK0z5nnlzCxY&google_cver=1&google_push=AehlK4B7yHl3HQ1q6jiVk0IB6aTtKHMH1cZTLVJBSSLvVkQWIa6VOANd13VgAOk0gHjD31Y9SxOGnaFyGzM4Op8gcjmtAmu6v_0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:d09f:4639:d8c6:6199 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
1
expires
-1
googleredir
googlecm.hit.gemius.pl/ Frame 3710 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 3710 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J4t75Cv_CAZFJkVZO5GI6hVq9cctYslKf1K3rOVnmD26KDHMRGNgazoUzZGfy8D47xqTrebg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ADB5 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 05:29:41 GMT
x-content-type-options
nosniff
age
298002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Aug 2023 05:29:41 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ADB5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:47:17 GMT
x-content-type-options
nosniff
age
188946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 11:47:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ADB5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 08:01:51 GMT
x-content-type-options
nosniff
age
548072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Aug 2023 08:01:51 GMT
index.html
s0.2mdn.net/sadbundle/7739233682091568744/ Frame 8767 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7739233682091568744/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd31288d9133fab88d67c5aa80f63088543d5a79e11a434f9ef31b97076b709c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
98403
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1567
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Aug 2022 12:56:20 GMT
expires
Wed, 30 Aug 2023 12:56:20 GMT
last-modified
Tue, 09 Aug 2022 12:43:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 85EA 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuOaG5OmsUSwll7PB-OWWBnimqFpasPUv_c84KSdrnBbt9BCWe-63w5MkczAEokacHLiTQiT84gomPEQzXa7mURtret976RaGqjoDDlnW9p_G7IzxiGIN1PEr8crTxz18lvZf_C4j-Tj2jAT9Hih3W3uxFMvkAQyc8MrYh1kRFNW5iqP7GdUqa9bHlpCEEAcn_IzGi6oNXVmfDVsLVcgLlehMELSecLsZYRRKqwqAXKZ3fXVFE0wYAkJfxC2cXnugpI_oDHx3P3DPimusIqDgnqVLJSLdNPelqs7-_qpRMsf9VstB-RqqNWY30umc9QscgYyzqqfPiuduWqMYWWphrLoQ6GBgf1qFPAigkl0Nhtk285Bd4wwKGeAa_s6HqOe-rOoVJ66LVzSbw6qiWt75FXsmZcR7SRsYOKNcxqnQ2GJt9GVuSqSMgs78zZ1lBHXBzuHzUXNK_J5nnXzQdGYmGRujrj-RWbM8DCW57OFj8lv7EXU2YNTMe-ozfKvmRO5Brq-91VWgqvSqPo3CqdA67zrCSjbG-58OloVqlonZY_uPEF3e4bJq5WYMEaUUv12eWWV76JprvYdxSXkVVFaHN7c9mWQzhRdciAxdJhPUlDc_mTleotYYJt4xao8heydwt54AkYu2imQCi-OPuLVMTQozSrskd4RrCD5bXsxcDVlETVxshVJPQ_f0q_eoUTOLhIlDEOFMK0-iEKUgvUY7CQAbcbR-JbQln8RObuwbq_XqA5MSZ2Q2EojmYSMNZj9SO_phK52hqzgAyFJ9aIJ2-HUcVztbjR6AhHSmQuVk8ZAxb6ZLqlM3cXeK1eoyGAjBAbChubjXAziC08ecWrANFlRqZ5QzlS68V6juDbv_gn8n2o-nkswGFAOQfBfFQGaP8XQO2q7XpK0zjkUH4FKInelQuxTmVZDSRaWZgUbNxTUu-1Unr__13Wj_EIUiu7kC_PM4-Z6n9OPiu9Xq7paYhy-2xf7j0NcgfBU9cDMS-FjESGHBMzDEVqYWJaTrFRdgkKIbl0HVggJkeA8kwIMBmS-3g5Smh6l6R3_R7o08FNp5QpRy5WWhGj_FEcoKjCXZr-cEo7AuFIS-RhDtkDhlZgPbN808y4Gkh1bTYaEPuCiUBGYrCi40DIFWhe16mfldb4NUFGbAZVKxMTZ42KwWm-nj7oLGQExYf_ZhZ6ZQQbrz_iNajDmtLG53pM8FyeTybD0y4EDoEEPkQDtiNAOL3fOtou_Ptzo83zbdsLirBHfvZB_C7bFAQMcsMtrmcjC9hUos-2Uvx-QbHP-wpqk_m1lolj1zm1Tqud3RiyEuq992VU5LqGZmp5CjiV4uo&sai=AMfl-YToN-hmUYUpOwbj7L9VJIJd7fdmh8xMYcxESQB855xQzlsxZqsUa80UeM0mApTLyNMZb88y4ang6AuyNi_JNeueesfHy-bH-RZ8-EUSSjQp-Ty18J_PXavsyVooW3npvIJG2cECdNonJd-UaoCBhGHgXjRCfRbrsJum6RqpKBH9nnTHmNCP1NeHxcoKyICuTKExOD5ilKXpR2DsU2M1GQ&sig=Cg0ArKJSzLa6tVqlRfq1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=320&cbvp=1&cstd=318&cisv=r20220829.54064&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 31 Aug 2022 16:16:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
px.gif
d.adtriba.com/ Frame 85EA
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033546&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
52.28.54.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-54-44.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Wed, 31 Aug 2022 16:16:23 GMT
Last-Modified
Wed, 31 Aug 2022 16:16:23 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 73DD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
40731
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 04:57:32 GMT
expires
Thu, 31 Aug 2023 04:57:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.publinews.gt&sn=&ic=0&tgt=0&app=&wi=300&he=169&test=&d36=6.2.52&apppkg=&fv=1&proto=https&clsid=e09f143c-785f-4cd8-ad56-8c4b406cabd9&rando=27&pid=5d31fb2628a06116ff22aef3&cid=5f4452d76e685a1c474b9879&stagid=62a37b4eabc9f014c02c6f24&stplid=62a21cd2219bc9403f4ec8d5&e=inventory&vi=100&cb=1661962583904
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
rs
ad4m.at/ Frame B784 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ed027d427fd7c20ed8dfea10759d408acf05beab53c871ba83b1f7b942f540f

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
74371205f8259a1b-FRA
date
Wed, 31 Aug 2022 16:16:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AF1EMHF%2BQS8gBl3GYXts80%2Fi0LvgE9h3sh22ANlw8OYkPupWiXqqZSULQVmqFJkor%2BK61wpMSp6imtmSfLvWzvSxZiw0g2CdADSVgV%2FFx%2FHyZxiqDfJ8f9Utz2cqbnhYuRN93T8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74371205bfd99a1b-FRA
content-length
24
content-type
text/plain
date
Wed, 31 Aug 2022 16:16:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SmXlQRESVD04fhzDeKaEeFkK4QT2eARBdN%2F2hctO92TQ9omScYiV9aMSbBCgu2zBOz1dqTlSRCo%2BEOAk2SzqLCUEhw%2F73eV1pxQu5eE6RAunQIcFTHonyFA6CGYDnqkhJTMQj8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ 		26 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=62a37b4eabc9f014c02c6f24&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&AV_CHANNELID=5f4452d76e685a1c474b9879&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.publinews.gt&AV_DADPOS=1&AV_PLACEMENT=5&AV_TAG=62a37b4eabc9f014c02c6f24&AV_TEMPLATE=62a21cd2219bc9403f4ec8d5&d36=6.2.52&responsive=1&sver=2&avtoken=583903&omv=1.0.1&clsid=e09f143c-785f-4cd8-ad56-8c4b406cabd9&rando=27&AV_WIDTH=300&AV_HEIGHT=169&AV_DNT=0&cb=1661962583948&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.43.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-43-174.compute-1.amazonaws.com
Software
/
Resource Hash
9c56e1ace31e98aeab685b06409cdca2484117d75ad7a3b32b6751ab0fc3b5ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache
access-control-allow-credentials
true
expires
Sat, 20 Aug 2022 02:29:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EFE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiGPZVokPY5fcOdmT7_UPk5-j8AMAAAAAOAHgBAI&bg=!yMuly4_NAAaXrHhMt6w7ACkAdvg8WmsSfuwQaVCjh_g_qwLKTSNYIrmpZF3eiG6xn_-YJY7L-ERGBQIAAAGLUgAAAAJoAQcKAH9yl7aOT1ZNQAdchMHaEijsdU0LFxvCpt9JQZgMjemb1SpqVXy6thm9da1p58NvCvF02Cq5o-G1yqT4CpE8BDGnVp6csNjIsAd17M71rfVGyoV2w7TroIEUKT_MhI-olRW33zQm7LDS4OzudKvQOXU4OmXhRxCqKd_cuRfW5qQqmQLm81zE0HArVax9Zz67nl2htInBKa84LrZS5PRbOwwIMlDYsChOuhS7MRP4zh79RFDCIiRCwchJSvQftHmsb7HXNHQ2S9jz59G5i029GB0vg785iCjdKXa_zzsFIjytabVFmpVQar1YmeExn8UzPhL1X0qdA2ofuE0eJ3pE-_IvBObY2d_9uhoDM1v8YJMGPZMMEog6mDxA8FZmJQPfGkCjkKIgZyDj4td4K2htpeuYfvEu_jOV_KJhva_RA-GcCCLZ-TVx-GdWrP8q7oPnPhtiGdMwPItvNuXz1DTgU11v9vDo4Eyar6YxiawNAFOhV4T_bcbeAIME_5c8Il8W9pIGrCQESw2RLfY57Bh7nZyYZyyHRakwGmakw14XFUqrQax12PHAh_iYA3afEnqNgrJZQ8WTTaf8siTNvqaBk5e0otfgaAQjochI8b06IiGbvuVeDli-ldtgxxLE8DBr7AxsG-fH0VP7lP39ni-VYj7RrXztnfn3pH2pu7X1EW3vlZ4DSlkySfDaeUD5DhhzH1ytukLe2AZRoQmH7J4p4CgshXC06JQsC8UCnHEjJyY5cRM8V61ecQz9QcXOABZ1n4r1qQEn0uPr6i6iDPpKS8ZWss-qMZM38A8a6wetkVLm7LlKojfss-soNSGV4WhpKlJkdyfqkv8u7SjE6cQckxbEuNzIP4yMINFuHxrJzwu7JJ4V8Li68XXOZt87pFk03XPebw8aRrIzkK7s8YFbEA-zOMILvQ8WXe6pBmRYycOoK3TflQ0uUwp6f2GZ_tu_3nifyO8O4ov6yQZaamnCbd-8osI31xnUki2rDRDyO2PsLivzIdXAe8E9YgYmRWO8oX6Py-yUqYtlutTS_tlE74SGAp1Pl-KXxtTMtFZN2l1MK3wJAnTWd_p_66UHJiFTmhCrTWAqWm-DKBPrAo27QduJLgpwBMc7yEv8gL6LdcDJClT2jH7Cg8dz62x2sP-H15Nx_8bfuaUlsw
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ADB5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEmJhbm5lckJXaXRob3V0Qm9keQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QECEAAAAA4CXhQDAECg0QESEAAAAAACrUQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAQQDAECg0QFyEAAABnZryRQDAECg0QFCEAAAAAeHIMQTAECg0QFSEAAAAAAAAxQDAECg0QFiEAAAAAAAAYQDAECg0QGCEAAACamXmTQDAEEhpDTlNpZ0l1OThma0NGVXppN1FvZEFQOE5oZyIXc2NyZWFtL3Rocm9uZV9pbWFnZV9vY2goEQ==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js
pagead2.googlesyndication.com/bg/ Frame AF11 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=2764318805&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661962582&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661962582593&bpp=3&bdt=951&idt=79&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3e919791225ba04a-22279d160fce002a%3AT%3D1661962582%3AS%3DALNI_Ma962-5CeT1YBQGE3h12GnrP9tFJQ&prev_fmts=0x0&nras=1&correlator=7758249439997&frm=20&pv=1&ga_vid=691347407.1661962582&ga_sid=1661962582&ga_hid=1812898241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069217%2C44772915%2C31062931&oid=2&pvsid=370390444806995&tmod=117887328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=g4YKPmXyTo&p=https%3A//www.publinews.gt&dtd=86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 11:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15877
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 11:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 11:57:15 GMT
default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame BD17 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g0v40230c0n8d1564xeqdx28h7z65jw06mhnsbccs7hwzena23ft2p0mhtempw42sxmyrh3cnjkzbse9rq8rn2qda1rdsw9jdjrvw3ya09sd32h71aycevk8b9g11y55vx5f5qb62nbwx13y66q7p3w3b32ny1w74tq5jwcafvrk4015v33n6ct409ypbngvhf2sgns9q3g5bjadzcq975q4cj3qw9p4h12mqxqw4qs9qm0kzn182v62pk9thv37k01b8mbhbtcg5b97bkt7stgmpyjtwwrbeewsrrx084e88g5yzvt4a6fc4vk6706qdszm8cp5a0gsxqd8j67nsz7jr07ytve2g08s57cn73sacs356q4ws4wktm26262xj4srkessc2ww3hx2f1avrvf1d742skdq0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%26client%3Dca-pub-4922954394584665%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g0v40230c0n8d1564xeqdx28h7z65jw06mhnsbccs7hwzena23ft2p0mhtempw42sxmyrh3cnjkzbse9rq8rn2qda1rdsw9jdjrvw3ya09sd32h71aycevk8b9g11y55vx5f5qb62nbwx13y66q7p3w3b32ny1w74tq5jwcafvrk4015v33n6ct409ypbngvhf2sgns9q3g5bjadzcq975q4cj3qw9p4h12mqxqw4qs9qm0kzn182v62pk9thv37k01b8mbhbtcg5b97bkt7stgmpyjtwwrbeewsrrx084e88g5yzvt4a6fc4vk6706qdszm8cp5a0gsxqd8j67nsz7jr07ytve2g08s57cn73sacs356q4ws4wktm26262xj4srkessc2ww3hx2f1avrvf1d742skdq0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%26client%3Dca-pub-4922954394584665%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
176862
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86775
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 29 Aug 2022 15:08:41 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74371205d9f6bbb0-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame BD17 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g0v40230c0n8d1564xeqdx28h7z65jw06mhnsbccs7hwzena23ft2p0mhtempw42sxmyrh3cnjkzbse9rq8rn2qda1rdsw9jdjrvw3ya09sd32h71aycevk8b9g11y55vx5f5qb62nbwx13y66q7p3w3b32ny1w74tq5jwcafvrk4015v33n6ct409ypbngvhf2sgns9q3g5bjadzcq975q4cj3qw9p4h12mqxqw4qs9qm0kzn182v62pk9thv37k01b8mbhbtcg5b97bkt7stgmpyjtwwrbeewsrrx084e88g5yzvt4a6fc4vk6706qdszm8cp5a0gsxqd8j67nsz7jr07ytve2g08s57cn73sacs356q4ws4wktm26262xj4srkessc2ww3hx2f1avrvf1d742skdq0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%26client%3Dca-pub-4922954394584665%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
106565
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:39:36 GMT
server
cloudflare
etag
W/"1a2552545a3303319c45b19addfd8947"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3QVcHhRhYyh3AY2l7vCyWNoc8GkPCb6bXMJEXWkxLfU9YkGiNiy8xPcSFO3FvjfYgb%2B8mDUuhvESTihkB%2F4ek340HGlknrdh2HySHFxsafvDjI2%2B7FrI8jRukLzlRzMjFQfJ1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
expires
Wed, 24 Aug 2022 14:07:37 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74371205d9f8bbb0-FRA
cf-bgj
minify
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 7ECF 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=50921200115005400757589012068002&a=be0f3559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 11:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 11:54:59 GMT
pb_Depot_300x250.gif
ad-server.eu/wm/pb/Depot/ Frame 7ECF
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873e8585f37a737853a?subid=50921200115005400757589012068002
  • https://ad-server.eu/wm/pb/Depot/pb_Depot_300x250.gif
49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/Depot/pb_Depot_300x250.gif
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=50921200115005400757589012068002&a=be0f3559
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
fe340b28201c9015cd61699fb7a202e552eea455bcb9d98a674cb967468e61a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:20:34 GMT
Last-Modified
Thu, 01 Jul 2021 08:01:05 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"60dd7641-c4e9"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50409

Redirect headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA6:9BCC_91EFC182:01BB_630F8957_690E7B5:2A46B
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/Depot/pb_Depot_300x250.gif
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
pixel
cm.g.doubleclick.net/ Frame 2FDB
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4CYq9YBvOG_XqTaVCUTeR8pH57HjoJkawdeAZg...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdASldBQUFBVjFITDFpMQ&google_push=AehlK4CYq9YBvOG_XqTaVCUTeR8pH57HjoJkawdeAZguZknhqydtmjpoxwx5-c7YoDozCHSht01OYAitsNVhXPnjaLuoXBdz_-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdASldBQUFBVjFITDFpMQ&google_push=AehlK4CYq9YBvOG_XqTaVCUTeR8pH57HjoJkawdeAZguZknhqydtmjpoxwx5-c7YoDozCHSht01OYAitsNVhXPnjaLuoXBdz_-PzPg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdASldBQUFBVjFITDFpMQ&google_push=AehlK4CYq9YBvOG_XqTaVCUTeR8pH57HjoJkawdeAZguZknhqydtmjpoxwx5-c7YoDozCHSht01OYAitsNVhXPnjaLuoXBdz_-PzPg
Date
Wed, 31 Aug 2022 16:16:24 GMT
Server
Apache
Connection
keep-alive
Content-Length
393
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 2FDB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIUFbLn1da8Z6FD6-WRGiyo&google_cver=1&google_push=AehlK4DofEj3g_6bgXwvemHf5ZrfxHhGqGlN7Ccy_hW5ZwRvMzZBagTd82qDadDczIwpVxusc5OlGJXqQgVzewyLe8Ur...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIUFbLn1da8Z6FD6-WRGiyo&google_cver=1&google_push=AehlK4DofEj3g_6bgXwvemHf5ZrfxHhGqGlN7Ccy_hW5ZwRvMzZBagTd82qDadDczIwpVxusc5OlGJXqQgVzew...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=6be379e6-f32c-4af3-8ea1-21ff24ddc501&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4DofEj3g_6bgXwvemHf5ZrfxHhGqGlN7Ccy_hW5ZwRvMzZBagTd82qDadDczIwpVxusc5OlGJXqQgVzewyLe8UrqhRnzi1R&google_hm=VE5DhysXTHmNYeGINsiiBQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4DofEj3g_6bgXwvemHf5ZrfxHhGqGlN7Ccy_hW5ZwRvMzZBagTd82qDadDczIwpVxusc5OlGJXqQgVzewyLe8UrqhRnzi1R&google_hm=VE5DhysXTHmNYeGINsiiBQ==
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4DofEj3g_6bgXwvemHf5ZrfxHhGqGlN7Ccy_hW5ZwRvMzZBagTd82qDadDczIwpVxusc5OlGJXqQgVzewyLe8UrqhRnzi1R&google_hm=VE5DhysXTHmNYeGINsiiBQ==
Date
Wed, 31 Aug 2022 16:16:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
gg_pixel
sync.adaptv.advertising.com/ Frame 2FDB 		0
0
dot.gif
s0.2mdn.net/ Frame 2FDB 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEFcmrRvhH1EsryyZAYDvpwY&google_cver=1&google_push=AehlK4BZBKZuDIW-_zK9ivPsfHOw6TeWoGCbZKP02mB8RhzeVcOunF-nSMvai7n-YtxkVXYujF4ohaGjALb4RM0Rtma3iMYawSPKrw
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Sep 2022 16:16:24 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 2FDB 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGCVz7PcXlC2TIp9RX1LYOo&google_cver=1&google_push=AehlK4AxUrPt_MH5Ne6cGCqFPvjWCOeV3RNuXnS7_i24SLJnflVIguVInQgvuvnjn6bnuJrpTCHmBDTLiVMrPlkQbKvlh5Hf2rYLGg
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2FDB
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL6eEaaNObWOGVsOcsdtuoU&google_cver=1&google_push=AehlK4ClOrEVMYfbFLbObKFbJTofrwR6DWFmng1RzZxMtpXs8XL0rnskn4eZALidO9NYOmeyUQ1dtJLTZtor9_-v...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4ClOrEVMYfbFLbObKFbJTofrwR6DWFmng1RzZxMtpXs8XL0rnskn4eZALidO9NYOmeyUQ1dtJLTZtor9_-vKOMdA2auYth5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4ClOrEVMYfbFLbObKFbJTofrwR6DWFmng1RzZxMtpXs8XL0rnskn4eZALidO9NYOmeyUQ1dtJLTZtor9_-vKOMdA2auYth5
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 31 Aug 2022 16:16:24 GMT
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4ClOrEVMYfbFLbObKFbJTofrwR6DWFmng1RzZxMtpXs8XL0rnskn4eZALidO9NYOmeyUQ1dtJLTZtor9_-vKOMdA2auYth5
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
ReLHtUq2cpqglfL50AgbHWSQDNOh-0eHQSSwG3mFtWAo4ghSGUo1eA==
pixel
cm.g.doubleclick.net/ Frame 2FDB
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4DjZVxeCXN6Xz4HOs-6KHypXLuSyl_Rn45uuiQhCw9sDx8iSfEDdJ57foUkfQwLXT93qKSDLOJRFIcLPYkB_M3wS7Xkyg_7ug&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-8df3ac68-2224-4add-a78f-e992acbeb876-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4DjZVxeCXN6Xz4HOs-6K...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DjZVxeCXN6Xz4HOs-6KHypXLuSyl_Rn45uuiQhCw9sDx8iSfEDdJ57foUkfQwLXT93qKSDLOJRFIcLPYkB_M3wS7Xkyg_7ug&google_hm=A43zrGgiJErdp4_pkqy-uHY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DjZVxeCXN6Xz4HOs-6KHypXLuSyl_Rn45uuiQhCw9sDx8iSfEDdJ57foUkfQwLXT93qKSDLOJRFIcLPYkB_M3wS7Xkyg_7ug&google_hm=A43zrGgiJErdp4_pkqy-uHY
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DjZVxeCXN6Xz4HOs-6KHypXLuSyl_Rn45uuiQhCw9sDx8iSfEDdJ57foUkfQwLXT93qKSDLOJRFIcLPYkB_M3wS7Xkyg_7ug&google_hm=A43zrGgiJErdp4_pkqy-uHY
date
Wed, 31 Aug 2022 16:16:24 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX8df3ac6822244adda78fe992acbeb876003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 2FDB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3EDIEN5l3Tv-uFjBrK0p5BkcYFyiy7oeQZH_QoBGsY0UXaf_p9WcnMt-MtUz66ZuAU2Uz
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
widget-ssp-performance
c.mgid.com/ 		43 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/widget-ssp-performance?time=54
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
743712060a9c9b37-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/gif
truncated
/ Frame 359B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f29a94d02f80580cb332f7d119d75fc1431dfc53cbb3fa269bcab254729b5d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
runtime-d2ba011899a8bc832546.js
platform.twitter.com/_next/static/chunks/ Frame 9C56 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
9df8804be7bc833a0f7bda128387f950072b9c844a13747e22ae6cfdcb515b00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Content-Encoding
gzip
Age
65995
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
2102
x-tw-cdn
VZ
Last-Modified
Wed, 17 Aug 2022 17:37:20 GMT
Server
ECS (frb/6724)
Etag
"9f542b1e6fbe41a0a4865d93098693f4+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
modules.c7def0268c66f6a548ed.js
platform.twitter.com/_next/static/chunks/ Frame 9C56 		286 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
cdc46119f82b8cc0c4fa0ad51203da3154d0aee0e887aaf26a46988e5f359070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Content-Encoding
gzip
Age
65995
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
95749
x-tw-cdn
VZ
Last-Modified
Wed, 17 Aug 2022 17:37:21 GMT
Server
ECS (frb/67BC)
Etag
"51acddf0dbfab928b183f36c1ee67619+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
main-e9db78f5e7b3d83edd5e.js
platform.twitter.com/_next/static/chunks/ Frame 9C56 		90 B
653 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Wed, 17 Aug 2022 17:37:20 GMT
Server
ECS (frb/673A)
Age
65995
Etag
"8e33207e7b788da9abde5b6d33da0b00"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
90
_app-f921177a8618779237dd.js
platform.twitter.com/_next/static/chunks/pages/ Frame 9C56 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/pages/_app-f921177a8618779237dd.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
0b646f6a0117000d7a12cb08668222c21cd3ae0194b31cb4a12a60547171e380

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Content-Encoding
gzip
Age
65995
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
668
x-tw-cdn
VZ
Last-Modified
Wed, 17 Aug 2022 17:37:20 GMT
Server
ECS (frb/6727)
Etag
"be3e428d416daa9027cecf70b5f26bf9+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
%5BscreenName%5D-18c5091b9b3426f0194f.js
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/ Frame 9C56 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-18c5091b9b3426f0194f.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash
32e5acf1b97e30e8721e8a3ee93bac752bc702eafd176b57074ea17f07063585

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Content-Encoding
gzip
Age
65995
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
1228
x-tw-cdn
VZ
Last-Modified
Wed, 17 Aug 2022 17:37:20 GMT
Server
ECS (frb/6712)
Etag
"894f10ff8654944198f92198524998a4+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
_buildManifest.js
platform.twitter.com/_next/static/zCh8LVg1_TSeSe2HMSR25/ Frame 9C56 		1 KB
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/zCh8LVg1_TSeSe2HMSR25/_buildManifest.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
6796ccb15426d91d3311ea27d429c2d35605243125f7e30fb554271b393a9c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Content-Encoding
gzip
Age
65995
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
416
x-tw-cdn
VZ
Last-Modified
Wed, 17 Aug 2022 17:37:20 GMT
Server
ECS (frb/6725)
Etag
"ac61950c88e23d04701a0e7b53c34aff+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
_ssgManifest.js
platform.twitter.com/_next/static/zCh8LVg1_TSeSe2HMSR25/ Frame 9C56 		76 B
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/zCh8LVg1_TSeSe2HMSR25/_ssgManifest.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674D) /
Resource Hash
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Wed, 17 Aug 2022 17:37:20 GMT
Server
ECS (frb/674D)
Age
65995
Etag
"abee47769bf307639ace4945f9cfd4ff"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
76
gen_204
pagead2.googlesyndication.com/pagead/ Frame ADB5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEmJhbm5lckJXaXRob3V0Qm9keQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QMiEAAAAAoJnJPzAECg0QMyEAAAAAoJnJPzAECg0QNCEAAAAAoJnJPzAECg0QNSEAAAAAoJnJPzAECg0QNiEAAAAAoJnJPzAECg0QNyEAAAAAoJnJPzAECg0QOCEAAAAAAMBGQDAECg0QOSEAAACamcmEQDAECg0QOiEAAADOzFSFQDAECg0QOyEAAAAAALCRQDAECg0QPCEAAAAAALCRQDAECg0QPSEAAADNzLyRQDAECg0QPiEAAADNzFyTQDAECg0QPyEAAAA0M12TQDAECg0QQCEAAAAAAIKTQDAEEhpDTlNpZ0l1OThma0NGVXppN1FvZEFQOE5oZyIXc2NyZWFtL3Rocm9uZV9pbWFnZV9vY2goEQ==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame AD89 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGRJVC-5Jh-I9IdXavA76q0&google_cver=1&google_push=AehlK4BZ1N4hYVzl--6I2v51KSsBGQz9NS1DWUEQP3e0os_-rCbzHNlAJ_zZ_ebUZ8GO9Gc8dvBZ_kHWJZ60nmtG_G4fM_exOuQ
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame AD89
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEELsrgoAJ5WjBMF65phI_Ps&google_cver=1&google_push=AehlK4AKe1CpSEVZx5xTQmdlW0DAYSr52AsxdFouxEK1P9A90k9sygBePgfqLKKkfxOQKqoVPUg...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=CLkWK5PsTXqknZk9LTBYEw&gdpr=1&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=CLkWK5PsTXqknZk9LTBYEw&gdpr=1&gdpr_consent=
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=CLkWK5PsTXqknZk9LTBYEw&gdpr=1&gdpr_consent=
pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
dot.gif
s0.2mdn.net/ Frame AD89 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEJ1yxCjqs5AguDRiAEIesO4&google_cver=1&google_push=AehlK4Bl_tPnzA8DeqmXPZnxNe3GOEpbJCSRFkPyHo8TcCZPptZoNQ40DSfA7LNsUraGPgCD0pw_5-XSIxJfa5esHK-uSv9WtK8
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Sep 2022 16:16:24 GMT
pixel
cm.g.doubleclick.net/ Frame AD89
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELep0oPrCbym58w7RggwKBU&google_cver=1&google_push=AehlK4CsEEnk8N6rV-Sflh22YC_tfQ9CIlUzaJTSPZZA8kOCR-9P1zXCbx9vPTuAljz9uOMSvxV...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVE0xMkwtMUEtOVFNRA==&google_push=AehlK4CsEEnk8N6rV-Sflh22YC_tfQ9CIlUzaJTSPZZA8kOCR-9P1zXCbx9vPTuAljz9uOMSvxVjA_lFGAD6yNkPg-OeSYEZqQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVE0xMkwtMUEtOVFNRA==&google_push=AehlK4CsEEnk8N6rV-Sflh22YC_tfQ9CIlUzaJTSPZZA8kOCR-9P1zXCbx9vPTuAljz9uOMSvxVjA_lFGAD6yNkPg-OeSYEZqQ
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVE0xMkwtMUEtOVFNRA==&google_push=AehlK4CsEEnk8N6rV-Sflh22YC_tfQ9CIlUzaJTSPZZA8kOCR-9P1zXCbx9vPTuAljz9uOMSvxVjA_lFGAD6yNkPg-OeSYEZqQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame AD89
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFXBx1nPUboS6h0L4h-aXhY&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFXBx1nPUboS6h0L4h-aXhY&google_hm=Yw-JV2VdAdTCKpuRnEKM_AAABLEAAAIB&google_nid=index&google_push=AehlK4ACMYZyyMFGzRugtamn7S1nrd-QfRUZz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFXBx1nPUboS6h0L4h-aXhY&google_hm=Yw-JV2VdAdTCKpuRnEKM_AAABLEAAAIB&google_nid=index&google_push=AehlK4ACMYZyyMFGzRugtamn7S1nrd-QfRUZz0DDf3lDUCj_elaEU32nrwhIrj-mm95s2TxPzUYGeoE5Vf6I77zF0is-qZ5RQ8E
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUuaKgirimiwYGQGH%2B7l8LmvrHBKQWu%2FJ%2BqjPbe2aLd8Wo8oEac%2BhWE%2FKiTqtMpd4rur%2BFgTHjcZIvNi2Srv%2BtbBhmdO18vLkgj0Mmi6F0iBu8jQ4QK%2Fk%2BOZ6MUzXKhtSgqwHRAM1bCbTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFXBx1nPUboS6h0L4h-aXhY&google_hm=Yw-JV2VdAdTCKpuRnEKM_AAABLEAAAIB&google_nid=index&google_push=AehlK4ACMYZyyMFGzRugtamn7S1nrd-QfRUZz0DDf3lDUCj_elaEU32nrwhIrj-mm95s2TxPzUYGeoE5Vf6I77zF0is-qZ5RQ8E
cache-control
no-cache
cf-ray
743712065c119a0c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame AD89
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBMN_2Q9KvNyo1P4CtNH0WA&google_cver=1&google_push=AehlK4CWvCPzzO_NMqknPP_J8UCMF5C8w3xjZK_aFpMg7DAQUe49jp67bYixWX8U4Rx40ERi-puuuukaZDCn...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CWvCPzzO_NMqknPP_J8UCMF5C8w3xjZK_aFpMg7DAQUe49jp67bYixWX8U4Rx40ERi-puuuukaZDCnMPcI_x5pgX2Vag
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CWvCPzzO_NMqknPP_J8UCMF5C8w3xjZK_aFpMg7DAQUe49jp67bYixWX8U4Rx40ERi-puuuukaZDCnMPcI_x5pgX2Vag
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CWvCPzzO_NMqknPP_J8UCMF5C8w3xjZK_aFpMg7DAQUe49jp67bYixWX8U4Rx40ERi-puuuukaZDCnMPcI_x5pgX2Vag
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
um
sync.teads.tv/ Frame AD89 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAlIeUzyCuiWZTnNl00vlAU&google_cver=1&google_push=AehlK4DQr-it-9dqspUiVxW7Tx6JIieaV58hmc1JwqDfpXE79dLXLTnpe-KLJjfCfGcbCdeizV4YrRgAe2K7Ga80Br3SnpSrSIIX
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.185.49 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-185-49.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 31 Aug 2022 16:16:24 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame AD89 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkfcOEKHSir2u6hWdNYi8V_Pk2ohDKHobmi1geVfayIPBAh7E9x69Amphkq5zaWi54z-BUvA
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js
pagead2.googlesyndication.com/bg/ Frame 73DD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 11:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15549
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15877
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 11:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 11:57:15 GMT
styles.css
s0.2mdn.net/sadbundle/7739233682091568744/ Frame 8767 		1 KB
519 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7739233682091568744/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7739233682091568744/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c298a31ead738600a8744e593f0dcbc2822385db4759e0757ac4e3f0567cb1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7739233682091568744/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 12:56:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98403
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
490
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 12:56:21 GMT
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8767 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7739233682091568744/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7739233682091568744/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 31 Aug 2022 16:16:24 GMT
main.js
s0.2mdn.net/sadbundle/7739233682091568744/ Frame 8767 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7739233682091568744/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7739233682091568744/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7739233682091568744/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 12:56:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98403
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2182
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 12:56:21 GMT
rar
as.ad4m.at/ad/ Frame 0871 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=196438%2C24673%2C34817&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2Cr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhd&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CPxefBfbfG17F9HjHbtgCrD6tJS9TPM7Fp&c=300&d=600&e=&g=ea4d1e2242c4cccaa937fb57af9526dd%2F5045102898133266633&i=25174%2C20430%2C27788&j=16%2C21%2C22&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65b8ebcf8536329a03a279d3a916eac3ae64d7fdb31fe00a15b8bcaa26dabf25
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gvyhcpkj2rxmc89tf0dqka9sk70jpp0n2skms53tqpya2zb3gz9jkb620bevjgp8b9pqzrd2mv1fkamg3kyxjskb3a0ex8p53xz5ejnwpe9bhmcen8b4vsfnxc8maj7e54ap06ff9f4vgj728vs6anpz2g3x8qcsrp685dp7r6e18zqfezxe1r43av39d9hszedxkzbbb7krppx9t7tms4kek7wbkrgee5sc0ybs8m0t4bfjjwxmdkj0k76px8v4q1t2set1s4jkjpz719yyvfsgmwy83q9agkx41702ptjstt195mbefh6311z9aw900qhchghn61m42neqd9v5bdya72w2r3e3p4th3zj53x7gxjzw9m5vbes4armv70fy49cawwyeaqt1nmsybwv67pjjxd6m5ar6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%26client%3Dca-pub-4922954394584665%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
743712064b1abbb0-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 16:16:24 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame BD17 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Wed, 31 Aug 2022 16:16:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18866866
x-guploader-uploadid
ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91qJs1NpPOGXN9ef1cTpFHw7nZ41H%2B3F7PNFpVgv0OvxhtGwA0%2FMxZ4rbrzB%2FsG2pEZRel62ALIuWGNPSEy6p8VtUQeIfAO7bIpCxXRvQsRUJht9bNaQf85b1CMX7v9ay91tTAH8m48SqQLGQPQqJYCx"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
74371206ce269078-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame 0871 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C34817&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2Cr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhd&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CPxefBfbfG17F9HjHbtgCrD6tJS9TPM7Fp&c=300&d=600&e=&g=ea4d1e2242c4cccaa937fb57af9526dd%2F5045102898133266633&i=25174%2C20430%2C27788&j=16%2C21%2C22&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=196438%2C24673%2C34817&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2Cr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhd&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CPxefBfbfG17F9HjHbtgCrD6tJS9TPM7Fp&c=300&d=600&e=&g=ea4d1e2242c4cccaa937fb57af9526dd%2F5045102898133266633&i=25174%2C20430%2C27788&j=16%2C21%2C22&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
176863
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86775
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 29 Aug 2022 15:08:41 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74371206bc20bbb0-FRA
cf-bgj
minify
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 0871 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C34817&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2Cr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhd&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CPxefBfbfG17F9HjHbtgCrD6tJS9TPM7Fp&c=300&d=600&e=&g=ea4d1e2242c4cccaa937fb57af9526dd%2F5045102898133266633&i=25174%2C20430%2C27788&j=16%2C21%2C22&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
676686
cf-polished
qual=85, origFmt=jpeg, origSize=16723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1moy3SrY2P7%2B8Adh%2BoMW2GVfxNmpPOLzxVQDEkURdJDul2UH%2FMM0CXgvesX9QC7QHgfCknuW5QfErYLiig9sbYirlOq7XtY004bECm2hBhwwFSwWZDxjG%2BXkqlokLXzp8nqgwI1AdyhuV26e"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 16:16:24 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74371206cd078fe8-FRA
cf-bgj
imgq:85,h2pri
18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
assets.ad4m.at/product_image/ Frame 0871 		317 KB
318 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C34817&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2Cr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhd&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CPxefBfbfG17F9HjHbtgCrD6tJS9TPM7Fp&c=300&d=600&e=&g=ea4d1e2242c4cccaa937fb57af9526dd%2F5045102898133266633&i=25174%2C20430%2C27788&j=16%2C21%2C22&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
675825
cf-polished
origFmt=png, origSize=451997
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
324760
last-modified
Tue, 14 Jun 2022 08:21:28 GMT
server
cloudflare
etag
"7dada3f3f6321a7ee4badc53b11da1f3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUla%2F4XUGeugQ9HsmEkSWDwnWqG9fqC4q%2FI7qHeeFOidLIaaqznfo3d6N66MoXoAmyJSvdfzj7leE2mON1h%2FGnYYATr2GkTcBneVaURJ5R%2BOyRApjyLLgwn5cSYYDJklwcDTt2EnHtAx2%2BQ0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 16:16:24 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74371206dd158fe8-FRA
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame 0871
Redirect Chain
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidGjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tEoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1661962584_42619930-2948-11ed-96ab-2230957fd0f4
0
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1661962584_42619930-2948-11ed-96ab-2230957fd0f4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C34817&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2Cr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhd&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CPxefBfbfG17F9HjHbtgCrD6tJS9TPM7Fp&c=300&d=600&e=&g=ea4d1e2242c4cccaa937fb57af9526dd%2F5045102898133266633&i=25174%2C20430%2C27788&j=16%2C21%2C22&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:24 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1661962584_42619930-2948-11ed-96ab-2230957fd0f4
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 0871 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C34817&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2Cr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhd&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CPxefBfbfG17F9HjHbtgCrD6tJS9TPM7Fp&c=300&d=600&e=&g=ea4d1e2242c4cccaa937fb57af9526dd%2F5045102898133266633&i=25174%2C20430%2C27788&j=16%2C21%2C22&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
680520
cf-polished
origFmt=png, origSize=77267
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvcs1Fx1b%2FSwtJDSdXM4rNRMcth023c0T3N2VL%2FJXYm5%2F3%2FtTLdBukl3ytSGSS6AS1wS1LuNXFWbY31w51X0qZHPuLr6ozCTIBRX801BnCZKkonzqrDT%2BFMkh8aLrGeZK2EbwozyxIuknfX2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 16:16:24 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74371206dd1a8fe8-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 0871 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C34817&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2Cr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhd&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CPxefBfbfG17F9HjHbtgCrD6tJS9TPM7Fp&c=300&d=600&e=&g=ea4d1e2242c4cccaa937fb57af9526dd%2F5045102898133266633&i=25174%2C20430%2C27788&j=16%2C21%2C22&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
637671
cf-polished
origSize=90165, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJXFU1TEpgMoUmityacgKGmLabuCPGVkFa8LF6Z9L5dzVqDtmHoX94bwARyhAm37y8%2BWqyCHFiqFrqsWydTkjBpQvZwnq7gtxmY5R%2FJvelCWMAiCscHhgOpzsnHilR9amWcxFjljFyzndpx5"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Thu, 01 Sep 2022 16:16:24 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74371206dd1b8fe8-FRA
cf-bgj
imgq:85,h2pri
A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame 0871 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C34817&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2Cr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhd&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CPxefBfbfG17F9HjHbtgCrD6tJS9TPM7Fp&c=300&d=600&e=&g=ea4d1e2242c4cccaa937fb57af9526dd%2F5045102898133266633&i=25174%2C20430%2C27788&j=16%2C21%2C22&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
601739
cf-polished
origFmt=png, origSize=26777
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15238
last-modified
Tue, 07 Jul 2020 09:20:40 GMT
server
cloudflare
etag
"018a5f3736332bfa050998ec8f72beb4"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IcHaJ6C4C%2F40q8JWd4%2FM%2BSf%2Fo%2BRLGGDLX1ONirECHtWNAmm07NWK1OeQ67SzubP299NOQNQfM%2BlJdMl2DkMWCagrddOWZv1VX6RBVH1hnsyl4F2f8w9Co%2FV21T0XNINXDSXRSxwQ7GXtif8D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 16:16:24 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74371206dd1c8fe8-FRA
cf-bgj
imgq:85,h2pri
52C7C866C7F644A8C39C4B78EFE0EFBE1B0FFFD5D2B44A8751709DAD31620FC583834239268074FF9E49DB6C08DE61E47C3537B120811B878B4ABF91B03376DA
assets.ad4m.at/product_image/ Frame 0871 		403 KB
404 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/52C7C866C7F644A8C39C4B78EFE0EFBE1B0FFFD5D2B44A8751709DAD31620FC583834239268074FF9E49DB6C08DE61E47C3537B120811B878B4ABF91B03376DA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C34817&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2Cr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhd&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CPxefBfbfG17F9HjHbtgCrD6tJS9TPM7Fp&c=300&d=600&e=&g=ea4d1e2242c4cccaa937fb57af9526dd%2F5045102898133266633&i=25174%2C20430%2C27788&j=16%2C21%2C22&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
643cf24f7569d3cda7d4598dd4b96f90d8d60671dc4b6c243f5c6914611f9492

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
672738
cf-polished
origFmt=png, origSize=669222
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
412660
last-modified
Mon, 22 Aug 2022 11:16:04 GMT
server
cloudflare
etag
"ad814cb2316f0d12219f879b7a2dee5e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zm2qI4nNnDuNw9T4gmi%2FLynHtaZML3lD%2FXawpupOTZAk7m0AqRYpzkLbSjafuuiNLw3tZOFck%2FbVT7M%2BhSXXKT1QFzsCmtrkEoGK%2B5sO22c9y6QRkhDonU1c%2FRTvh75vAD%2BJhQlOvGLOFARN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 16:16:24 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74371206dd1d8fe8-FRA
cf-bgj
imgq:85,h2pri
view.aspx
pb.media01.eu/ Frame 0871
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7a748752d73036483?t=htlp&subid=oneidr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhdoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhdoneid__dc_reach_suite02wkz&actionid=981741&produktid=&dt_url=
0
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhdoneid__dc_reach_suite02wkz&actionid=981741&produktid=&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C34817&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2Cr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhd&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CPxefBfbfG17F9HjHbtgCrD6tJS9TPM7Fp&c=300&d=600&e=&g=ea4d1e2242c4cccaa937fb57af9526dd%2F5045102898133266633&i=25174%2C20430%2C27788&j=16%2C21%2C22&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:22 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 31 Aug 2022 06:16:23 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA6:9BCC_91EFC182:01BB_630F8958_690E7C6:2A46B
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhdoneid__dc_reach_suite02wkz&actionid=981741&produktid=&dt_url=
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
frame.html
ad4m.at/ Frame 14CB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
504673
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
74371206cc46bbb0-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 16:16:24 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUxBXM5iUBTtduJ9bbzOzRAVStYsDCPS6N%2BlwZ9y3VigkTh3YmKjnB2d4gdQKR2srw0l1RLctnyf4jzaeolOX%2FvMMHHR%2Fgdd3YL9%2BwDVZh65Srd8dI9j8eAvU3HwQkrMthAKVps%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
2.691622e4391d1973cb65.js
platform.twitter.com/_next/static/chunks/ Frame 9C56 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Content-Encoding
gzip
Age
65995
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
7674
x-tw-cdn
VZ
Last-Modified
Wed, 17 Aug 2022 17:37:20 GMT
Server
ECS (frb/669E)
Etag
"942b5b928a24465d1906b4716131d896+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
14.8d9ed21e253369e85f0a.js
platform.twitter.com/_next/static/chunks/ Frame 9C56 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/14.8d9ed21e253369e85f0a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
a9abb833a0d3df0d1c33e6cee9bd8e40655483413e1e202c47d9cecb24418584

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Content-Encoding
gzip
Age
65991
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
12745
x-tw-cdn
VZ
Last-Modified
Wed, 17 Aug 2022 17:37:20 GMT
Server
ECS (frb/67F3)
Etag
"6a6ada61cc54ce359670b337884e3973+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xMjUzMDgvMzU5M...
s-img.mgid.com/g/13801735/492x277/-/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/13801735/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xMjUzMDgvMzU5MGFjODU2YzQzNzQ5NWU3MmVkZmFiMjRhNmIwNGQucG5n.webp?v=1661962583-Rm2hCiRlV2jGHo0rZHGge04lIaCgfmSBsNBY0892oDo
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ab2e236a9d9c8ab68da49e83a457d58223c9485146143695b11a71e27936035

Request headers

Referer
https://www.publinews.gt/
Origin
https://www.publinews.gt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Aug 2022 10:03:43 GMT
x-mg-request-uuid
a0a3dc69-08b5-4a00-b457-557183302c78
age
1318361
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
743712073de59202-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17982
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC82MTc4MDQvYTE0Y...
s-img.mgid.com/g/13789370/492x277/-/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/13789370/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC82MTc4MDQvYTE0YWMxYjRiYjg4MzkxN2U0YTQ3YzI5NWJiMWI2NWEuanBn.webp?v=1661962583-OWbrf9_syEqJBxSiAVvVsOV-8AAb3uESUYcX1X50MmA
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c76dc49e784d88116f5822e4cc1f368adbad41575c6d7f9c5970e97917a40a

Request headers

Referer
https://www.publinews.gt/
Origin
https://www.publinews.gt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Aug 2022 05:07:48 GMT
x-mg-request-uuid
6f981994-4fa9-4b23-9c64-ebacb04c4481
age
205990
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
743712073de69202-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34880
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy81NjkyOTkvOGRjMmE3NDNkZjAyNzZhM...
s-img.mgid.com/g/12569707/492x277/-/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12569707/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy81NjkyOTkvOGRjMmE3NDNkZjAyNzZhMTdiNWY5NWM0OTJiYWU5MDIuanBlZw.webp?v=1661962583-v9CFE0MAeLVGo-I2bKfDcJyyexmsaxFPJkHJO8cGz6o
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb8bb874ced68a143fee84a02bd867070bdada50718cddbf7cab321a4434e37b

Request headers

Referer
https://www.publinews.gt/
Origin
https://www.publinews.gt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Jun 2022 13:15:00 GMT
x-mg-request-uuid
ffd1de5c-9d4d-4f98-a909-86423430b0bd
age
6178166
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
743712073de79202-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5854
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS82NjM2NjEvZWEyOGI1NWE2NDBjMzU0N...
s-img.mgid.com/g/10570877/492x277/-/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10570877/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS82NjM2NjEvZWEyOGI1NWE2NDBjMzU0NmIwNTQ1N2UwNWRkNmM5NWUuanBn.webp?v=1661962583-5w6z-9KEAZJ-05A4_OBW8YFsukABg3_XdDaO-5tI5kY
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b6f3efd187f04f21473a169ee06ef416610cfe21b4675d1c5bf562dd0364311

Request headers

Referer
https://www.publinews.gt/
Origin
https://www.publinews.gt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 07:30:29 GMT
x-mg-request-uuid
bfd234f8-f6f2-4378-a715-b3209f553791
age
31481
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
743712073de89202-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10442
server
cloudflare
bg1.jpg
s0.2mdn.net/sadbundle/7739233682091568744/ Frame 8767 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7739233682091568744/bg1.jpg
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50deacfc0374b281980e3e8a2d68a8b961c687d2b73f22994ed41fb3ccb7d377
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7739233682091568744/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 12:56:22 GMT
x-content-type-options
nosniff
age
98402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74362
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 12:56:22 GMT
b1.png
s0.2mdn.net/sadbundle/7739233682091568744/ Frame 8767 		877 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7739233682091568744/b1.png
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d9451e75d7a60b38e38003cd5b072b870271d8a9921d47991df2cba06863128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7739233682091568744/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 12:56:22 GMT
x-content-type-options
nosniff
age
98402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 12:56:22 GMT
h1.png
s0.2mdn.net/sadbundle/7739233682091568744/ Frame 8767 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7739233682091568744/h1.png
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c64eb30e934bbee8993ae2e2f7df1d6079953bb8a948567e2686624591d26d98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7739233682091568744/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 12:56:22 GMT
x-content-type-options
nosniff
age
98402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2955
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 12:56:22 GMT
h2.png
s0.2mdn.net/sadbundle/7739233682091568744/ Frame 8767 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7739233682091568744/h2.png
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2976de7df6625cf8186411b0ba90f8afc10717c1f2f55ebe62b3371941e18697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7739233682091568744/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 12:56:22 GMT
x-content-type-options
nosniff
age
98402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4989
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 12:56:22 GMT
h3.png
s0.2mdn.net/sadbundle/7739233682091568744/ Frame 8767 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7739233682091568744/h3.png
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78abd74417e0310e10523e6ec498536ec9afb793de4b72fde0001aeb4c55a0e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7739233682091568744/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 12:56:22 GMT
x-content-type-options
nosniff
age
98402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3217
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 12:56:22 GMT
cta.png
s0.2mdn.net/sadbundle/7739233682091568744/ Frame 8767 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7739233682091568744/cta.png
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0656e68659a6f67205f929ca07bfc39ba8636ac997bb47ddccd590547a0e0661
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7739233682091568744/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 12:56:22 GMT
x-content-type-options
nosniff
age
98402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2178
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 12:56:22 GMT
logo.png
s0.2mdn.net/sadbundle/7739233682091568744/ Frame 8767 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7739233682091568744/logo.png
Requested by
Host: b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
URL: https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b8a9b490d2e412d04433ba53b222bbc8578a2e40e62daac1fcfb0605a29da5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7739233682091568744/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 12:56:22 GMT
x-content-type-options
nosniff
age
98402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1517
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 12:56:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 85EA 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuOaG5OmsUSwll7PB-OWWBnimqFpasPUv_c84KSdrnBbt9BCWe-63w5MkczAEokacHLiTQiT84gomPEQzXa7mURtret976RaGqjoDDlnW9p_G7IzxiGIN1PEr8crTxz18lvZf_C4j-Tj2jAT9Hih3W3uxFMvkAQyc8MrYh1kRFNW5iqP7GdUqa9bHlpCEEAcn_IzGi6oNXVmfDVsLVcgLlehMELSecLsZYRRKqwqAXKZ3fXVFE0wYAkJfxC2cXnugpI_oDHx3P3DPimusIqDgnqVLJSLdNPelqs7-_qpRMsf9VstB-RqqNWY30umc9QscgYyzqqfPiuduWqMYWWphrLoQ6GBgf1qFPAigkl0Nhtk285Bd4wwKGeAa_s6HqOe-rOoVJ66LVzSbw6qiWt75FXsmZcR7SRsYOKNcxqnQ2GJt9GVuSqSMgs78zZ1lBHXBzuHzUXNK_J5nnXzQdGYmGRujrj-RWbM8DCW57OFj8lv7EXU2YNTMe-ozfKvmRO5Brq-91VWgqvSqPo3CqdA67zrCSjbG-58OloVqlonZY_uPEF3e4bJq5WYMEaUUv12eWWV76JprvYdxSXkVVFaHN7c9mWQzhRdciAxdJhPUlDc_mTleotYYJt4xao8heydwt54AkYu2imQCi-OPuLVMTQozSrskd4RrCD5bXsxcDVlETVxshVJPQ_f0q_eoUTOLhIlDEOFMK0-iEKUgvUY7CQAbcbR-JbQln8RObuwbq_XqA5MSZ2Q2EojmYSMNZj9SO_phK52hqzgAyFJ9aIJ2-HUcVztbjR6AhHSmQuVk8ZAxb6ZLqlM3cXeK1eoyGAjBAbChubjXAziC08ecWrANFlRqZ5QzlS68V6juDbv_gn8n2o-nkswGFAOQfBfFQGaP8XQO2q7XpK0zjkUH4FKInelQuxTmVZDSRaWZgUbNxTUu-1Unr__13Wj_EIUiu7kC_PM4-Z6n9OPiu9Xq7paYhy-2xf7j0NcgfBU9cDMS-FjESGHBMzDEVqYWJaTrFRdgkKIbl0HVggJkeA8kwIMBmS-3g5Smh6l6R3_R7o08FNp5QpRy5WWhGj_FEcoKjCXZr-cEo7AuFIS-RhDtkDhlZgPbN808y4Gkh1bTYaEPuCiUBGYrCi40DIFWhe16mfldb4NUFGbAZVKxMTZ42KwWm-nj7oLGQExYf_ZhZ6ZQQbrz_iNajDmtLG53pM8FyeTybD0y4EDoEEPkQDtiNAOL3fOtou_Ptzo83zbdsLirBHfvZB_C7bFAQMcsMtrmcjC9hUos-2Uvx-QbHP-wpqk_m1lolj1zm1Tqud3RiyEuq992VU5LqGZmp5CjiV4uo&sai=AMfl-YToN-hmUYUpOwbj7L9VJIJd7fdmh8xMYcxESQB855xQzlsxZqsUa80UeM0mApTLyNMZb88y4ang6AuyNi_JNeueesfHy-bH-RZ8-EUSSjQp-Ty18J_PXavsyVooW3npvIJG2cECdNonJd-UaoCBhGHgXjRCfRbrsJum6RqpKBH9nnTHmNCP1NeHxcoKyICuTKExOD5ilKXpR2DsU2M1GQ&sig=Cg0ArKJSzLa6tVqlRfq1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=623&vt=11&dtpt=303&dett=3&cstd=318&cisv=r20220829.54064&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 16:16:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
link.html
track.webgains.com/ Frame 0871 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmjzqmrzwqg6qpj640t60txyfddady2e0nwwgg5bg0m6ceydmvat5485tje0mazm58ssyaebmdg7q1e7g6r723jqanee8qq4sr2ttsnsyxdgbq5y62ysjb5yps81hgrsd0f571a5hqdzttjjc3kwdwp9ghjxw3nb3zs07y3fme5dder56zkxsywpcx346d97cjaag7hp9xm1fzq77nekfk9h212a1sq57vv5yvxykdzdd4fqmc4hdrcrdfekzt4a0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%252526client%25253Dca-pub-4922954394584665%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C34817&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2Cr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhd&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CPxefBfbfG17F9HjHbtgCrD6tJS9TPM7Fp&c=300&d=600&e=&g=ea4d1e2242c4cccaa937fb57af9526dd%2F5045102898133266633&i=25174%2C20430%2C27788&j=16%2C21%2C22&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
901fd916d0a59d9f1194de56f8d579b6b6f73b4e7a961f9ed2eaa734e80cd3b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
last-modified
Wed, 31 Aug 2022 16:16:24 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 16:17:24 GMT
viewability
hal90002.redintelligence.net/ Frame 7ECF 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/viewability?s=50921200115005400757589012068002&a=080c6ce6&vb=m
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=50921200115005400757589012068002&a=be0f3559
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/request_content.php?s=50921200115005400757589012068002&a=be0f3559
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 7ECF 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/gif
0.8f205dbb7b06b224e307.js
platform.twitter.com/_next/static/chunks/ Frame 9C56 		595 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash
dfde5485c4fc9e9acca625d86fbeb240c9bd3ab78a395721aae49aa97b091c93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Content-Encoding
gzip
Age
65995
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
186671
x-tw-cdn
VZ
Last-Modified
Wed, 17 Aug 2022 17:37:22 GMT
Server
ECS (frb/6763)
Etag
"11f6449263029b9f59f18afa52cc99ed+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
1.5e254e44cdee3fa37dc8.js
platform.twitter.com/_next/static/chunks/ Frame 9C56 		1 MB
289 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/1.5e254e44cdee3fa37dc8.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
61723fe95f866398ae8490661ffb77e0fcd3d5eb598eeebb1ed5e593049487e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Content-Encoding
gzip
Age
65995
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
295182
x-tw-cdn
VZ
Last-Modified
Wed, 17 Aug 2022 17:37:20 GMT
Server
ECS (frb/6731)
Etag
"8ed3dcb9e2dee09ff8ca7e94a8527825+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
4.5238eaaf6e1b92b24f7e.js
platform.twitter.com/_next/static/chunks/ Frame 9C56 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/4.5238eaaf6e1b92b24f7e.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
7f9ae5335d4db51a427fcbd9d291958b98ac28713fa8b6dc8de328d9298a8735

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Content-Encoding
gzip
Age
65995
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
1220
x-tw-cdn
VZ
Last-Modified
Wed, 17 Aug 2022 17:37:20 GMT
Server
ECS (frb/67D3)
Etag
"5686b744ee1b68496ce70aace8e12820+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
rs
ad4m.at/ Frame BD17 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c5adf27e128161ea839fbef8772c2d83973870b34c44b8bbfeba7e41a49a669

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
743712080b7a9a1b-FRA
date
Wed, 31 Aug 2022 16:16:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyFzpZzd4oYvoJ3%2FdHFhydlLhVepF4pq0bUyQa0lvGdcWE11CCnCeNRS5kw06z3%2F%2Fvs7KySrhEUF%2BsATtgE1DFQtiFFWDtjV1D4uFu5UJ7tnH3LC7jysPe7y5%2FMHO1PV9iAhy7s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74371207cb0f9a1b-FRA
content-length
24
content-type
text/plain
date
Wed, 31 Aug 2022 16:16:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSxjKTA0GCPU%2Fw3KPa6zmse6WRoD%2FmYkHLq6UUhhmrYF5CccuxpnehsyLexGA6woI3KDMlgPDLxd5zkDG0O3BWzHwvxNJqA36vMOz63p5ykzq%2B3%2BBNK27Iy02YKvgqsJ68FUHGU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
ondemand.Dropdown.439f5863d42d2c4e587d.js
platform.twitter.com/_next/static/chunks/ Frame 9C56 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/ondemand.Dropdown.439f5863d42d2c4e587d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669F) /
Resource Hash
edb75c328dc364054a6afb3d5fecddde3c6298d89b15c96f9b77858a93d5df4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Content-Encoding
gzip
Age
65995
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
2595
x-tw-cdn
VZ
Last-Modified
Wed, 17 Aug 2022 17:37:20 GMT
Server
ECS (frb/669F)
Etag
"ecb940ef53fa7c0bf625b22f9af2b345+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
platform.twitter.com/_next/static/chunks/ Frame 9C56 		148 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
222fa391f26a0b6f4b5d8459ada308e078e6d2e69707766e247692a6f45676c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Content-Encoding
gzip
Age
65995
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
41941
x-tw-cdn
VZ
Last-Modified
Wed, 17 Aug 2022 17:37:21 GMT
Server
ECS (frb/67BC)
Etag
"72929dff5e574c1b877555fd36c7683a+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
like.3.json
abs.twimg.com/sticky/animations/ Frame 9C56 		19 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://abs.twimg.com/sticky/animations/like.3.json
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/1.5e254e44cdee3fa37dc8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2B0) /
Resource Hash
7d2cdcfb9a06ae6226f06b3cb14c4a53fa0f94ec5048dfb469d6834f6fb4e124
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2778833
x-ton-expected-size
19835
x-cache
HIT
vary
Accept-Encoding
content-length
1627
x-response-time
9
surrogate-key
twitter-assets
last-modified
Tue, 15 Feb 2022 21:43:54 GMT
server
ECAcc (frd/E2B0)
etag
"b9munHAdxNyPtNl2GaO2bw=="
strict-transport-security
max-age=631138519
content-type
application/json
access-control-allow-origin
*
x-connection-hash
b2416fb8c94532ef46b2069f2a8d4ab6aa32507f9132cb6f6efe61940801c5b3
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 31 Aug 2023 16:16:24 GMT
FbgGk8lXkAEj4nH.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 9C56 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/tweet_video_thumb/FbgGk8lXkAEj4nH.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f2974438a69463a4f473185623d3eccb715ceb3f02b8882daed5bb9758cf741
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 16:04:22 GMT
date
Wed, 31 Aug 2022 16:16:24 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
17246
x-served-by
cache-lhr6622-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbgGcsgWIAIB6w9.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 9C56 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/tweet_video_thumb/FbgGcsgWIAIB6w9.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f2974438a69463a4f473185623d3eccb715ceb3f02b8882daed5bb9758cf741
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 16:03:48 GMT
date
Wed, 31 Aug 2022 16:16:24 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
17246
x-served-by
cache-lhr7365-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
LuRpxXV2_RAMSqDL.jpg
pbs.twimg.com/ext_tw_video_thumb/1565007271578505217/pu/img/ Frame 9C56 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1565007271578505217/pu/img/LuRpxXV2_RAMSqDL.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8bf7a7b8f6a4308ab1f43290220289403832769fd02ee219a4f5e7a74346f40e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 16:01:04 GMT
date
Wed, 31 Aug 2022 16:16:24 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
79234
x-served-by
cache-lhr7334-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbgESz0XwAMSgxP.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 9C56 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/tweet_video_thumb/FbgESz0XwAMSgxP.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f2974438a69463a4f473185623d3eccb715ceb3f02b8882daed5bb9758cf741
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 15:54:24 GMT
date
Wed, 31 Aug 2022 16:16:24 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
17246
x-served-by
cache-lhr6626-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbgBJAZXoAAjz4P.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 9C56 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/tweet_video_thumb/FbgBJAZXoAAjz4P.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f2974438a69463a4f473185623d3eccb715ceb3f02b8882daed5bb9758cf741
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 15:40:37 GMT
date
Wed, 31 Aug 2022 16:16:24 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
17246
x-served-by
cache-lhr7375-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
1f3a5.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9C56 		771 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f3a5.svg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6841d2c4a12ed948dd6c51720e62a032135ccd7f50cc17b7d8d37b20f43c2cb
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
420
etag
"czoNuUs5Cy/V2odAgoWgeQ=="
x-served-by
cache-fty21375-FTY, cache-hhn4031-HHN
last-modified
Mon, 17 Sep 2018 19:14:56 GMT
date
Wed, 31 Aug 2022 16:16:24 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 28 Oct 2022 07:47:34 GMT
1f91d-1f3fb.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9C56 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f91d-1f3fb.svg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
048dc69d73f3ad0096a139da264b1aef01ec8b90b877d6e6515d08b14054bd53
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
1154
etag
"c0Xe440wLKf4cdOClHmJTQ=="
x-served-by
cache-fty21364-FTY, cache-hhn4031-HHN
last-modified
Tue, 08 Mar 2022 20:11:22 GMT
date
Wed, 31 Aug 2022 16:16:24 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 16 Mar 2023 07:09:52 GMT
1f535.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9C56 		113 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f535.svg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b44a2fe208e998b56df46211e07ab012140f047e0b0621ab6b4f17ba434bfca5
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
timing-server-allow
https://twitter.com;https://mobile.twitter.com
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
125
x-served-by
cache-fty21380-FTY, cache-hhn4031-HHN
last-modified
Wed, 21 Feb 2018 22:31:06 GMT
etag
"NfzlnF0XpW1pw949iGTtIg=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
date
Wed, 31 Aug 2022 16:16:24 GMT
expires
Thu, 03 Mar 2022 11:09:06 GMT
1f6b4-1f3fb-200d-2640-fe0f.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9C56 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f6b4-1f3fb-200d-2640-fe0f.svg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21b3ea6a2f91609c3767f12b0d1f70f7c8c9939f346e777733edaa8b0891a072
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
1394
etag
"uqkwe0F1cdsROBuMZIaS+A=="
x-served-by
cache-fty21343-FTY, cache-hhn4031-HHN
last-modified
Wed, 19 Jun 2019 23:22:04 GMT
date
Wed, 31 Aug 2022 16:16:24 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 09 Aug 2023 06:55:17 GMT
1f6b4-1f3fb-200d-2642-fe0f.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9C56 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f6b4-1f3fb-200d-2642-fe0f.svg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b2831cb9703dae3b9d18ab76276a67a65de573cc498aeddaf085942f0d96c18c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
1208
etag
"sIb2rTy6Hpty5P3amZledA=="
x-served-by
cache-fty21348-FTY, cache-hhn4031-HHN
last-modified
Wed, 21 Feb 2018 22:31:12 GMT
date
Wed, 31 Aug 2022 16:16:24 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 17 Aug 2023 10:07:38 GMT
1f6b4-1f3fb.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9C56 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f6b4-1f3fb.svg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
300fc9cbe06e256f2244ebfdbde4beee7736091b392f6ba791e39a1026a13e0b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
1329
etag
"eBCr2yPLO8ei/7U6E9yPgw=="
x-served-by
cache-fty21360-FTY, cache-hhn4031-HHN
last-modified
Thu, 31 Oct 2019 20:41:51 GMT
date
Wed, 31 Aug 2022 16:16:24 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 27 Jul 2023 22:25:14 GMT
jot
syndication.twitter.com/i/ Frame 9C56 		43 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1661962584699%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2231f0cdc1eaa0f%3A1660602114609%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.publinews.gt%2Fgt%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22PublinewsGT%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%2231005a7%3A1660755999885%22%2C%22widget_data_source%22%3A%22screen-name%3APublinewsGT%22%7D&session_id=147a02f0d19ff09125b09e9c7a4d047b596aa85a
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-response-time
109
date
Wed, 31 Aug 2022 16:16:24 GMT
last-modified
Wed, 31 Aug 2022 16:16:24 GMT
server
tsa_o
vary
Origin
content-type
image/gif
cache-control
must-revalidate, max-age=600
x-connection-hash
2f259f94a17e2ea9dbe19c47c0803ce3c3dbd00f780d177cf6f50e55a674a06c
strict-transport-security
max-age=631138519
content-length
43
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161774/6973/ Frame F4DF 		208 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161774/6973/pwt.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-184-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
568efc96387466861d25131636346187542ea3924ee342be4bf3e40dfcb11a73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
content-encoding
gzip
last-modified
Wed, 01 Jun 2022 17:42:40 GMT
server
Apache
etag
"198200e-33efe-5e0666a75f342"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=120447
accept-ranges
bytes
content-type
text/javascript
content-length
64989
expires
Fri, 02 Sep 2022 01:43:51 GMT
pixel
ap.lijit.com/ Frame 30E7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661962584249-915558184916-007205-002-006677%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Wed, 31 Aug 2022 16:16:24 GMT
pod
X-Sovrn-Pod: ad_ap6ams1
cookiesyncendpoint
sync.aniview.com/ Frame 58AA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661962584249-915558184916-007205-002-006677%26bid...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=200&key=OPTOUT
0
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=200&key=OPTOUT
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.23.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-23-128.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 31 Aug 2022 16:16:25 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 31 Aug 2022 16:16:24 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=200&key=OPTOUT
pragma
no-cache
cookiesyncendpoint
sync.aniview.com/ Frame CDD9
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661962584249-915558184916-007205-002-006677%26biddername%3D22%26key%3D%7BPUB_USE...
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661962584249-915558184916-007205-002-006677%26biddername%3D22%26key%3D%7BP...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=22&key=6585fe84-1325-496b-b805-3da3a97c944c
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=22&key=6585fe84-1325-496b-b805-3da3a97c944c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.23.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-23-128.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 31 Aug 2022 16:16:25 GMT

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Wed, 31 Aug 2022 16:16:24 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=22&key=6585fe84-1325-496b-b805-3da3a97c944c
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookiesyncendpoint
sync.aniview.com/ Frame D8FA
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661962584249-915558184916-007205-002-006677%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=56&pid=59c9148628a0612da3689288&key=8054a25d-7ff0-4918-b275-d01f1afe9208
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=56&pid=59c9148628a0612da3689288&key=8054a25d-7ff0-4918-b275-d01f1afe9208
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.23.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-23-128.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 31 Aug 2022 16:16:25 GMT

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7437120bcad1926d-FRA
content-length
0
date
Wed, 31 Aug 2022 16:16:24 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=56&pid=59c9148628a0612da3689288&key=8054a25d-7ff0-4918-b275-d01f1afe9208
server
cloudflare
cookiesyncendpoint
sync.aniview.com/ Frame E828
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661962584249-915558184916-007205-002-006677%26bidderna...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=10&pid=59c9148628a0612da3689288&key=Z6T4uN2keg3N&ev=1&us_privacy=${us_privacy}&pid=562704
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=10&pid=59c9148628a0612da3689288&key=Z6T4uN2keg3N&ev=1&us_privacy=${us_privacy}&pid=562704
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.23.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-23-128.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 31 Aug 2022 16:16:25 GMT

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
cw-server
bh-deployment-dd6bdcf45-2j4qm
expires
-1
location
https://sync.aniview.com/cookiesyncendpoint?auid=1661962584249-915558184916-007205-002-006677&biddername=10&pid=59c9148628a0612da3689288&key=Z6T4uN2keg3N&ev=1&us_privacy=${us_privacy}&pid=562704
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
cm
u.openx.net/w/1.0/ Frame 81A9 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661962584249-915558184916-007205-002-006677%26biddername%3D23%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Wed, 31 Aug 2022 16:16:24 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
avpb6.27.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame F4DF 		178 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvKvmWiVVXqMOFMSLysgndQnGEPDx0nqD6Zcajt4xV4bEb04CJXMqNHUIs2942eutasnP2Bj9JZdFOkzhuVmtgALSFXnhsL
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
54791
last-modified
Tue, 30 Aug 2022 07:41:06 GMT
server
UploadServer
etag
"f119bcda7895dcafdf1afb9e057db96a"
vary
Accept-Encoding
x-goog-hash
crc32c=g/uFjQ==, md5=8Rm82niV3K/fGvueBX25ag==
x-goog-generation
1661845265993220
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
54791
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 31 Aug 2022 16:21:24 GMT
avpb6.27.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame F4DF 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtYvuvgdH0dvr3lYthE4-z56WhdGsx3Lhx58OIb-kR1-FhmFa_o7Tky_VENmRGteyhQR7-NSeDeZM9e-G9kxC9J3h43ums2
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
24663
last-modified
Tue, 30 Aug 2022 07:41:06 GMT
server
UploadServer
etag
"d58c8aa0ae95a47cd8d2b96d1378a627"
vary
Accept-Encoding
x-goog-hash
crc32c=zBdP+A==, md5=1YyKoK6VpHzY0rltE3imJw==
x-goog-generation
1661845266160999
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
24663
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 31 Aug 2022 16:21:24 GMT
avpb6.27.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame F4DF 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdurohrl6uDs0_vddVf0UC67b2ByCU3sLBDWKIQzXDaZzT3JRf128I5yVA0gf9FSYAxo08WoIKuacg_hqwq_mL5Mjg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
22126
last-modified
Tue, 30 Aug 2022 07:41:06 GMT
server
UploadServer
etag
"5c353f7870f0b95d052916a0d375be59"
vary
Accept-Encoding
x-goog-hash
crc32c=xmKZqQ==, md5=XDU/eHDwuV0FKRag03W+WQ==
x-goog-generation
1661845266168810
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
22126
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 31 Aug 2022 16:21:24 GMT
avpb6.27.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame F4DF 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv3uiVaM4yh7eB2c3bRObq1_Y7lUF0NYkfM1QG0ESzbxhYqneFkcZuWyPt9wG6JIW0x2G2uLoI0TwKLe7duHYDT8w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20155
last-modified
Tue, 30 Aug 2022 07:41:06 GMT
server
UploadServer
etag
"395e7c9c54f101472de0d326d39eee5e"
vary
Accept-Encoding
x-goog-hash
crc32c=MDfEzg==, md5=OV58nFTxAUct4NMm057uXg==
x-goog-generation
1661845266183553
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20155
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 31 Aug 2022 16:21:24 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/
Redirect Chain
  • https://video-ads.rubiconproject.com/video/12948/312596/1590248/201/vast.xml?tg_c.language=es&rp_schain=1.0,1!latinon.com,2087,1,,,
  • https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.a...
28 B
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=28529542.232179
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Server
18.158.81.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-81-117.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:25 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
null
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

Date
Wed, 31 Aug 2022 16:16:24 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Location
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=28529542.232179
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://www.publinews.gt
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
0
/
onetag-sys.com/vast/57e618150c70d90/ 		479 B
692 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/vast/57e618150c70d90/?placement_id=190507835&placement_type=1&encoded_location_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&player_width=300&player_height=169&muted=1&autoplay=1&vpaid_supported=1&gdpr_consent_string=1&cbb=1962584793
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
d1395737dc86c70163a025aea31c989ccbc8c99dabb6a1d347b27c03d86e9846
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.publinews.gt
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/xml;charset=UTF-8
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
356
advast
ice.360yield.com/ 		27 B
243 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22556513&w=16&h=9&player_width=300&player_height=169&referrer=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&schain=1.0,1!latinon.com,2087,1,,,!aniview.com,5d31fb2628a06116ff22aef3,1,,,&us_privacy=1---&GDPR=&cbb=1962584793
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.56.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-56-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin
https://www.publinews.gt
date
Wed, 31 Aug 2022 16:16:24 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=70379&t=1661962584&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1661962584249-915558184916-007205-002-006677&cha=0.7&stagid=62a37b4eabc9f014c02c6f24&stplid=62a21cd2219bc9403f4ec8d5&d35=&d36=6.2.52&cb=48065694989&d39=&d65=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=169&nid=5d31fb2628a06116ff22aef3&ncid=5f4452d76e685a1c474b9879&e=request&cb=1661962584795&asid=5e4aca1528a06178f4750a16%2C6250f5858cda5d14c60a666b%2C5e583b0828a06105212c3308%2C614b5d12cc8c9824961a92b1%2C61dcbe8785e4c27ffc7abdc4%2C621e56649c72bb64646a6007%2C62a105fbd99aaa52977a3ad6%2C62d065d4402db17fd24fd864%2C61929720db3611235a75f084%2C62696a383bb9733bf220f5f4&ofpr=%2C0.1%2C0.3%2C0.1%2C0.1%2C0.1%2C0.1%2C0.1%2C0.1%2C0.1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=70379&t=1661962584&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1661962584249-915558184916-007205-002-006677&cha=0.7&stagid=62a37b4eabc9f014c02c6f24&stplid=62a21cd2219bc9403f4ec8d5&d35=&d36=6.2.52&cb=48065694989&d39=&d65=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=169&&copid=5d31fb2628a06116ff22aef3&nid=59c9148628a0612da3689288&cocid=5f4452d76e685a1c474b9879&ncid=5db803de28a061465a6e2f41&coasid=5db8052928a061555326a05e&e=request&cb=1661962584795&asid=6144aa230cebf5605a7f98ce%2C6132225956a60e6ea97d89b8%2C5f4ba7502216727dc61b2e90%2C5f4ba70bf46e4d6c61511abc&ofpr=%2C%2C0.5%2C0.65&fpo=%2C%2C%2C
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
rar
as.ad4m.at/ad/ Frame 16F5 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14019%2C183975%2C14044&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=8510404f2dc1b2020e3829f2b1854606%2F9244079190627054995&i=21596%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584354&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29790a5c3d2243631b1c9b4a39f968782c7a8f69bd8edd6e39821a3c23070398
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1g0v40230c0n8d1564xeqdx28h7z65jw06mhnsbccs7hwzena23ft2p0mhtempw42sxmyrh3cnjkzbse9rq8rn2qda1rdsw9jdjrvw3ya09sd32h71aycevk8b9g11y55vx5f5qb62nbwx13y66q7p3w3b32ny1w74tq5jwcafvrk4015v33n6ct409ypbngvhf2sgns9q3g5bjadzcq975q4cj3qw9p4h12mqxqw4qs9qm0kzn182v62pk9thv37k01b8mbhbtcg5b97bkt7stgmpyjtwwrbeewsrrx084e88g5yzvt4a6fc4vk6706qdszm8cp5a0gsxqd8j67nsz7jr07ytve2g08s57cn73sacs356q4ws4wktm26262xj4srkessc2ww3hx2f1avrvf1d742skdq0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%26client%3Dca-pub-4922954394584665%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7437120bcdcfbbb0-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 16:16:24 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
fQ0Oq5VP_normal.jpg
pbs.twimg.com/profile_images/1364237200343392258/ Frame 9C56 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1364237200343392258/fQ0Oq5VP_normal.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d9ca589b914280e196d256a2ddc2ca3af11118b3fc9002f6323a568d3cfc0de
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Tue, 23 Feb 2021 15:32:29 GMT
date
Wed, 31 Aug 2022 16:16:24 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
2263
x-served-by
cache-lhr7334-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbgHYQKXkAEx1yu
pbs.twimg.com/media/ Frame 9C56 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FbgHYQKXkAEx1yu?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cfdd15102d492bf9584699c07b8eb89518a895701f104906993fcfad0c039487
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 16:07:52 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
MISS, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
3669
x-served-by
cache-lhr7328-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
5WO8rYzz_normal.jpg
pbs.twimg.com/profile_images/1468801485173624832/ Frame 9C56 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1468801485173624832/5WO8rYzz_normal.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c63d262b420ac15948cdd4ec6763573dd783686323b8e965927aebc410b089a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Thu, 09 Dec 2021 04:33:37 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
2415
x-served-by
cache-lhr7365-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbgHFk3XEAA3hu3
pbs.twimg.com/media/ Frame 9C56 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FbgHFk3XEAA3hu3?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f645cf00c4662b62086a57f5e100391fdb538db7487480552929801e5e0bed40
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 16:06:36 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
MISS, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
5839
x-served-by
cache-lhr7349-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
JDgMG8OX_normal.jpg
pbs.twimg.com/profile_images/1524019508922486789/ Frame 9C56 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1524019508922486789/JDgMG8OX_normal.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1baadc9204bcfe5d648f9a2181c2ea2f1795be70a9d8e863852ea8ce880084ac
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Tue, 10 May 2022 13:30:20 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
2035
x-served-by
cache-lhr7344-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
EMjplUO0
pbs.twimg.com/card_img/1565006518059028481/ Frame 9C56 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1565006518059028481/EMjplUO0?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1a6e4d2e32c765f09b7df419485600a75821cf5b703c6d66107cd27021fe6fba
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 15:58:04 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
MISS, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
4354
x-served-by
cache-lhr6620-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
TjpU7hzI
pbs.twimg.com/card_img/1564693165260554247/ Frame 9C56 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1564693165260554247/TjpU7hzI?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
698daf2a3566453c7b7229e3ddd0ba9c3ae6b381a8e1e3399e8ae79ea69412f9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Tue, 30 Aug 2022 19:12:55 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
4776
x-served-by
cache-lhr7358-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
KUslRBBk
pbs.twimg.com/card_img/1564998955275939840/ Frame 9C56 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1564998955275939840/KUslRBBk?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
03187f74e9a4ce55f6a7474ff78d6487d56293723726faca10245a3c9f30de06
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 15:28:01 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
4098
x-served-by
cache-lhr7325-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbfzqTwXoAIYOuf
pbs.twimg.com/media/ Frame 9C56 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FbfzqTwXoAIYOuf?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd44180ac100ad42b75db164501fcf9a6b8d66efa44c6aa654f9628b0bde0567
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 14:41:43 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
3819
x-served-by
cache-lhr7380-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbfzqTuXEAAcDBc
pbs.twimg.com/media/ Frame 9C56 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FbfzqTuXEAAcDBc?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a40e48add0bdfafa972042f5dc16b2a3c01963696b4e28ee004a3f848685654
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 14:41:43 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
2706
x-served-by
cache-lhr6627-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
Fbfu-mbXwAMh0Nb
pbs.twimg.com/media/ Frame 9C56 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/Fbfu-mbXwAMh0Nb?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
da1b3e1c7ec456b6db1160ea606a50e228743d1b2c740d32cf772c5387ef7e5b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 14:21:16 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
5190
x-served-by
cache-lhr7339-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
3cA2e-Mp
pbs.twimg.com/card_img/1564972239728119808/ Frame 9C56 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1564972239728119808/3cA2e-Mp?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c1dfd4798acc0ff18360293f0622138167322700d64c5b1bbc6dbcf21fc28204
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 13:41:52 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
2997
x-served-by
cache-lhr7336-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbfpME_WQAASRf1
pbs.twimg.com/media/ Frame 9C56 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FbfpME_WQAASRf1?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
91974b47f306b283eaa6ca1ce2fad0aca0f8d0d7e712dbea00baf46d4294c138
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 13:55:58 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
4506
x-served-by
cache-lhr7375-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
Fbfn3c6WAAICMaA
pbs.twimg.com/media/ Frame 9C56 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/Fbfn3c6WAAICMaA?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0decddc06b93f573dc4d1d51522ac0c4634d599a848946a7a8793a98f3f4ef56
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 13:50:12 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
4184
x-served-by
cache-lhr7338-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
Fbfno1uXEAAiGxx
pbs.twimg.com/media/ Frame 9C56 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/Fbfno1uXEAAiGxx?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6a29f11745ce1c159fe4ccb3584b6b24eedef4f1e688919a893a5ba501afbf6
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 13:49:12 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
3204
x-served-by
cache-lhr7375-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
zT6PWYSp
pbs.twimg.com/card_img/1564766045507928064/ Frame 9C56 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1564766045507928064/zT6PWYSp?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=147a02f0d19ff09125b09e9c7a4d047b596aa85a&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa9805d642c30f5324b073d965bb3871ba41911e6ca4272a6008cb80fada01c2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 00:02:31 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
3597
x-served-by
cache-lhr7358-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
activeview
pagead2.googlesyndication.com/pcs/ Frame 2295 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRQrAzTpqlTWnd1qcXuWMEYhYsOcfoXNBXlPlTTeH176jz8098ohgw6hrwi3K0QcdfsWidVq-AFZcY5bE3wPZmQ37fPWJjC4xOZnUsTS98sBlBUZmh__Q2LG2aqQ&sai=AMfl-YTXre4i-pNiA05DaWSagSnZH_9Io4_Zt8KUBBlCOB47hQluEvO12tU1FhD0pR7zC-DxzfxL6y6v6dkJT3azXjhLMJHyUoBf9eF8Rl_io83aCCB7urBc_2UnXtPskygc&sig=Cg0ArKJSzJHoICLY5M71EAE&cid=CAASKORo1ZdXs_-CgFo2R_bb0sZPRHXa9aAQzmxP-9QWQw2TFSstvOX_I8s&id=lidar2&mcvt=1017&p=8,650,258,950&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20220829&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3455657583&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661962582688&rpt=1151&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 0871 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmjzqmrzwqg6qpj640t60txyfddady2e0nwwgg5bg0m6ceydmvat5485tje0mazm58ssyaebmdg7q1e7g6r723jqanee8qq4sr2ttsnsyxdgbq5y62ysjb5yps81hgrsd0f571a5hqdzttjjc3kwdwp9ghjxw3nb3zs07y3fme5dder56zkxsywpcx346d97cjaag7hp9xm1fzq77nekfk9h212a1sq57vv5yvxykdzdd4fqmc4hdrcrdfekzt4a0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%252526client%25253Dca-pub-4922954394584665%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:03:55 GMT
via
1.1 47225389ee58add3b9e790ead940cda4.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
40350
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
MUC50-C1
content-length
86537
x-amz-cf-id
vgZg1qRv78BE9XIkQBd2xbC8iHspg_P2pOOcFQBy7td6YeXbixaG1w==
Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame 0871 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1661962884&Signature=ipmY9bXKvXLjT5JdibPjaTqz-8zO1jStWLlb3LLLR0t3U98Cl0s~YrXCEKWiiY3lTlr4--uG7n23GwAIarbFidb1jn2UikgJdV5HZlOiiw9mGg5S-tPe4PWSYrJ8NUFYLgZtYmpREgcZ5umlKxLNIFidhGRdibapWycIbrw09-2xxRY2j7fcbnzVJP4hMJqTeh7lPZfxBaaMEmHvYrbvhm77bwvX4c6JZGG4yIz6fqDVKgwg3ecZDkceDE~bcggophumU8RS2hLAQ1t9dlKwitNDWvXw8vAyx0qKRzS9tj0UszwcFj43NNABCauw24FatO0GRq5pV~Iut3lnAgFTcg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C34817&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2Cr2GcQf9fwMQUAH7HjtqtgdXaYS8TKxdhd&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CPxefBfbfG17F9HjHbtgCrD6tJS9TPM7Fp&c=300&d=600&e=&g=ea4d1e2242c4cccaa937fb57af9526dd%2F5045102898133266633&i=25174%2C20430%2C27788&j=16%2C21%2C22&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7wwmgwvwhb06g0gmkc30zdataskx208qfknckm8bns7zr54rp58gaqsdeb8sfrwf72j74vyc7166yxbyab5mehfsxss37fja8w6swj71hhep869jt0x66t8jnr4qy2mhc56853hbsapqvbs4jqrknb9q48s30xzax8a0bxm87zw1rxbda93cq5ys0f2jcshp9n7fztyrrkc4h3k42kkaamdv4kxtq1wgxxy5pe05px20n3e9p5x8t00nce091phb3fjaz2mnexj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX5LxVokPY4DtJMTtgQeEg6H4AZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ5MjI5NTQzOTQ1ODQ2NjWgAcKu6N0DyAEJqQKLyfoBn8qwPuACAKgDAaoElAJP0HiLrnkivyadFVGiFcalUA72NXlrnWxFvxIAh0-6l-1xkihUJsB9GRIGfEUbzpxxa21zZ1K-orfX6D-UyZKU_QocCojREOaHHW_oEITVOM57ZT9UcaiXbd0VPetUH9jQZnY_P3bA6U05SnkCuKZ_OtRKSZ7cuHwAvIIg2jKAss8Ox2jLf15AaHByWj7P9prLeEHGHvf-iZBLArml2q7ckhVeNy3o_952I7VmO7mzeiBNaMK_vuONY_DPJvIJYNa_m4Re4C7QedQYfHjGSee-xMMkirCKusGto7MP-t8onkpZxKTMiLFcAbQZigJVUg6gQlxGVkpfrK0Bq9ACv4LBZgp_pk9V89aaALT60f5b_zLMeOHgBAGABuPMp6eF8Y2wSqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_26JN6B9s3jbrknJI8aorEoKy2UJQ%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 09:41:36 GMT
server
AmazonS3
age
31576
etag
"92f323c42d6018008b4cf82e90ac9639"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 31 Aug 2022 07:30:09 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
86991
x-amz-cf-id
BHoUwzc-wRXcO2v8M3NF25hTFniDI8uvAPNsDC67xCednjRCaDiSvQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 73DD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjL55V4kPY5zxGsi6x_AP4I6fyAwAAAAAOAHgBAI&bg=!39yl3JjNAAaXrHhMt6w7ACkAdvg8Wp6_n-g1TBGm5VGFxxukmlZ1fAYGtUFe-gl0zHyKU1tOtP1bPgIAAAKjUgAAAAJoAQeZAvYXVDv9hBiUD5-Oa0sfWQfYEwVdk4gqozrhgmd8n-DzpXfkLf25YGFddFcJEXfWZLIr9pb0LfWQLmQ2zQG-xjZXVxwYR8wio_CvPOogkIajekLjCmpA8O7zb_9I8vRmxl8XOTyFyC57cbLvuG_bk_1NFUHscb1n8a2L_gIFC4uvTWn0kECAQBRNv_6-0SzBT3ANnrocttgBdZq1uwnJOEWaWRbpJs05LK2CfKFGS18ZszL2jqJ6DsP4EDydUyLMj5361rD2KNbH5iALeLuxW1bNJmHinqXoU4lQVAUi2Hqo2NoFhW1I-QXmMcwhXShuDoxh89C-lgIscVQ5NQXTD3rKJJxKQ7dG6wZkvl4wHkiWbIRdIFuXLZ0VjRn66kg3ascMgs6bI9wm8JJ2crDgnejLPgzRLRflZR91nV9UCZgoUH7TmqB7QnkQ1BgprHnJWdojtnPFI5_gwhr0TVA3-bnCu6iN0nKTIfXI3iHkuS9kEnKlbuHQkSop-LERDydb9sLLgs7vafn6TsrABcFNMu0Ur7w-iKwTYXyOoYeJbEWPPS3Fej3J5Dl93X8igar4JbtBDBBzfdP0REGcyofP_x4t8k41fnlOLUIdFNAZuru8sr1UzkWd2Bd_p5LAWaLBM34p-UM3ajTD7uTBe-P-cYVZ1A564pF-nuj6_kzB-1QhBkcMJKzd8V1VbxR-uiXftUsYdkPIHyMBKyaxn7TitFux2gM5YADyoJ_a_Zu_NTDW6KccNqh2BbeZ2PMVRe9Frb4AvMbEHZLnlbm8VdxgUbjitVyDPLUCdkW4zo56rNe9WXpPplTtVtbMKKypFPEn35fnIggOixarPwA-gDpyidqJ0bUKWUUK8lShjIcdct80dSOpRPUoc88Cf-GDGZSOquA09Bt1gZemN9z9z-1gGZZsO-dfRbFpjHMveOcWYcdjNQtmz_BlDeYccMfATES_I-dOUCimMk7Mlo500s0q5aWouIL9qYga5z9jWdPaH2Q1dPBIYhfrfg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal90002.redintelligence.net/ Frame 7ECF 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/viewability?s=50921200115005400757589012068002&a=080c6ce6&vb=v
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=50921200115005400757589012068002&a=be0f3559
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/request_content.php?s=50921200115005400757589012068002&a=be0f3559
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:25 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame 16F5 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C14044&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=8510404f2dc1b2020e3829f2b1854606%2F9244079190627054995&i=21596%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584354&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14019%2C183975%2C14044&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=8510404f2dc1b2020e3829f2b1854606%2F9244079190627054995&i=21596%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584354&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:25 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
176864
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86775
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 29 Aug 2022 15:08:41 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
7437120dd99fbbb0-FRA
cf-bgj
minify
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 16F5 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C14044&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=8510404f2dc1b2020e3829f2b1854606%2F9244079190627054995&i=21596%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584354&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
678207
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKddZB9cVzQpAWxTLmDEkWc0ytEUfB6A7%2BW8Zvvb4Sa4QTbg21mwHTC%2FXQXAd37MYiJChntIZeazCSOJQmEprruON28ms%2BVUSpo4ai3KiuwoGozhwDg34fWBLS6BDgkKh34Uy4vlbVLYexfY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 16:16:25 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7437120dd9a2bbb0-FRA
cf-bgj
imgq:85,h2pri
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 16F5 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C14044&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=8510404f2dc1b2020e3829f2b1854606%2F9244079190627054995&i=21596%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584354&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
677161
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnB%2B2EN1x%2B4v382GAUtcQ1VoFJjKTQ7xk2zpmnQ8%2BARN5MrGD%2BVC1EGs6mL6Wt%2FHkWTBMTbGC2hHKTMTm9lOvELDg6WaBFLmwfoJr4c87IITytM1%2BE2gGibN6ybf4v8qgJgep6NDsBGBCOHT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 16:16:25 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7437120e2a1bbbb0-FRA
cf-bgj
imgq:85,h2pri
ztpv.php
www.conrad.de/ Frame 16F5
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zenaps.com/cshow.php?pvr=42d01270-2948-11ed-b38a-2238c37626e7&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&g...
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1661962585_42d01270-2948-11ed-b38a-2238c37626e7&insert=AW&&gdpr=0&gdpr_consent=
0
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1661962585_42d01270-2948-11ed-b38a-2238c37626e7&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C14044&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=8510404f2dc1b2020e3829f2b1854606%2F9244079190627054995&i=21596%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584354&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:26 GMT
via
1.1 varnish (Varnish/6.6)
cf-cache-status
DYNAMIC
server
cloudflare
age
0
strict-transport-security
max-age=15552000
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type
text/html; charset=UTF-8
content-encoding
br
cache-control
no-cache
x-varnish
575764523
server-timing
intid;desc=9778ab1b62ca86d3
cf-ray
743712127b8d9b77-FRA
expires
-1

Redirect headers

Date
Wed, 31 Aug 2022 16:16:25 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1661962585_42d01270-2948-11ed-b38a-2238c37626e7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 16F5 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C14044&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=8510404f2dc1b2020e3829f2b1854606%2F9244079190627054995&i=21596%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584354&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
675160
cf-polished
origFmt=png, origSize=233620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130164
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhWnzw96lcEGPluJGaka4hSIsy%2F3TDXp0JlOLII97ioODo%2Bw016vhsAWmveLM7iH%2BPhLlyrJxseVzfUhU7y71fOLRFUrbSbJ4G7JrpKPVhrZjMuPnmrl5BZZHy0wQZXM7K%2Fc6X1Awjz0mj9P"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 16:16:25 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7437120e2a1fbbb0-FRA
cf-bgj
imgq:85,h2pri
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 16F5 		461 KB
461 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C14044&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=8510404f2dc1b2020e3829f2b1854606%2F9244079190627054995&i=21596%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584354&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
674586
cf-polished
origFmt=png, origSize=731561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GksVYhF%2BnEaT%2F5o5YMZCrV9%2Bk3k0L94xFWj8LdtGp8liYBcoaqEtfsLjsTb1mOWzP8BSKLv6SuvyUcGyovsShqMTvmfmW9QtN17pUUxliOJKuTG3uNSmnJ0rjYlb32zpZemJp%2BqZ4nrdwduI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 16:16:25 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7437120e2a21bbb0-FRA
cf-bgj
imgq:85,h2pri
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 16F5 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C14044&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=8510404f2dc1b2020e3829f2b1854606%2F9244079190627054995&i=21596%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584354&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
675167
cf-polished
origFmt=png, origSize=35453
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiLYqXakZrlHs5YrtD7I6p4N%2BU7BZOSe5GsY%2FYZWdzwchIQsto3AaJZLqa6kPrOXYYg6oBb4sxqwPcMB1w%2FSUiEgTDSu2q2bcRJxdM4iLEbHOeDLMAsgZ%2FSupMn%2FA%2FXqSjC8QS7Uz2vrvYgd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 16:16:25 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7437120e2a24bbb0-FRA
cf-bgj
imgq:85,h2pri
285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 16F5 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C14044&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=8510404f2dc1b2020e3829f2b1854606%2F9244079190627054995&i=21596%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584354&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
679407
cf-polished
qual=85, origFmt=jpeg, origSize=83479
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9260
last-modified
Mon, 29 Nov 2021 15:03:15 GMT
server
cloudflare
etag
"70d78c6b26d24e038cbf23832e1bb538"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTE9ju0hyaBe3BYU31IUBrZYyTeR7CXUfS90a3qjS5oWY9DpTiJEKJAGsSAO%2BZLeB2TL59yn5MSToT5LnUnu3GgsQ18CB3J6C%2BLV3L1AE8KJGRB3xoFlmEI6N1QiS90ZkSJA6LhCvtUBnnWN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 16:16:25 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7437120e2a26bbb0-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 16F5 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C14044&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=8510404f2dc1b2020e3829f2b1854606%2F9244079190627054995&i=21596%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584354&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-17-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:25 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
i.js
cm.mgid.com/ 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1661962585259900985667
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7437120dfe319097-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
ads
googleads.g.doubleclick.net/pagead/ 		0
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.publinews.gt
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.publinews.gt
access-control-max-age
600
age
0
content-length
0
date
Wed, 31 Aug 2022 16:16:25 GMT
server
ATS/9.1.10.25
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=13706367&componentId=prebid&componentSubId=mustang&timestamp=1661962585287&pKey=410579003&schain=1.0%2C1!latinon.com%2C2087%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&playerSize=300x169
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-136.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:25 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.publinews.gt
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1661962585364088-521
Expires
Wed, 31 Aug 2022 16:16:25 GMT
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.publinews.gt
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.57.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-57-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
687d4831a25458efb4fbb56928363fab39fe5f29d48e32dc668c8a8c2fd7dbc9

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:25 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.publinews.gt
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.publinews.gt/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.publinews.gt
date
Wed, 31 Aug 2022 16:16:25 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
prebid
prebid.media.net/rtb/ 		892 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUK67P42
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
aeabe22430b63ef61376be15d765d23d879eab30586fadbe056a0ef30dc974bf

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:25 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.publinews.gt
date
Wed, 31 Aug 2022 16:16:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/237356/0/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/237356/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.publinews.gt
pragma
no-cache
date
Wed, 31 Aug 2022 16:16:25 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:24 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=31810354&componentId=prebid&componentSubId=mustang&timestamp=1661962585298&pKey=288585563&schain=1.0%2C1!latinon.com%2C2087%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&playerSize=300x169
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-136.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:25 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.publinews.gt
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1661962585415031-553
Expires
Wed, 31 Aug 2022 16:16:25 GMT
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.publinews.gt
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
1f3a5.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9C56 		771 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f3a5.svg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6841d2c4a12ed948dd6c51720e62a032135ccd7f50cc17b7d8d37b20f43c2cb
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
420
etag
"czoNuUs5Cy/V2odAgoWgeQ=="
x-served-by
cache-fty21375-FTY, cache-hhn4031-HHN
last-modified
Mon, 17 Sep 2018 19:14:56 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 28 Oct 2022 07:47:34 GMT
1f91d-1f3fb.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9C56 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f91d-1f3fb.svg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
048dc69d73f3ad0096a139da264b1aef01ec8b90b877d6e6515d08b14054bd53
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
1154
etag
"c0Xe440wLKf4cdOClHmJTQ=="
x-served-by
cache-fty21364-FTY, cache-hhn4031-HHN
last-modified
Tue, 08 Mar 2022 20:11:22 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 16 Mar 2023 07:09:52 GMT
1f535.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9C56 		113 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f535.svg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b44a2fe208e998b56df46211e07ab012140f047e0b0621ab6b4f17ba434bfca5
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
timing-server-allow
https://twitter.com;https://mobile.twitter.com
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
125
x-served-by
cache-fty21380-FTY, cache-hhn4031-HHN
last-modified
Wed, 21 Feb 2018 22:31:06 GMT
etag
"NfzlnF0XpW1pw949iGTtIg=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
date
Wed, 31 Aug 2022 16:16:25 GMT
expires
Thu, 03 Mar 2022 11:09:06 GMT
1f6b4-1f3fb-200d-2640-fe0f.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9C56 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f6b4-1f3fb-200d-2640-fe0f.svg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21b3ea6a2f91609c3767f12b0d1f70f7c8c9939f346e777733edaa8b0891a072
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
1394
etag
"uqkwe0F1cdsROBuMZIaS+A=="
x-served-by
cache-fty21343-FTY, cache-hhn4031-HHN
last-modified
Wed, 19 Jun 2019 23:22:04 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 09 Aug 2023 06:55:17 GMT
1f6b4-1f3fb-200d-2642-fe0f.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9C56 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f6b4-1f3fb-200d-2642-fe0f.svg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b2831cb9703dae3b9d18ab76276a67a65de573cc498aeddaf085942f0d96c18c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
1208
etag
"sIb2rTy6Hpty5P3amZledA=="
x-served-by
cache-fty21348-FTY, cache-hhn4031-HHN
last-modified
Wed, 21 Feb 2018 22:31:12 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 17 Aug 2023 10:07:38 GMT
1f6b4-1f3fb.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 9C56 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f6b4-1f3fb.svg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
300fc9cbe06e256f2244ebfdbde4beee7736091b392f6ba791e39a1026a13e0b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
1329
etag
"eBCr2yPLO8ei/7U6E9yPgw=="
x-served-by
cache-fty21360-FTY, cache-hhn4031-HHN
last-modified
Thu, 31 Oct 2019 20:41:51 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 27 Jul 2023 22:25:14 GMT
FbgHYQKXkAEx1yu
pbs.twimg.com/media/ Frame 9C56 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FbgHYQKXkAEx1yu?format=jpg&name=120x120
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cfdd15102d492bf9584699c07b8eb89518a895701f104906993fcfad0c039487
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 16:07:52 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
MISS, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
3669
x-served-by
cache-lhr7328-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbgHFk3XEAA3hu3
pbs.twimg.com/media/ Frame 9C56 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FbgHFk3XEAA3hu3?format=jpg&name=120x120
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f645cf00c4662b62086a57f5e100391fdb538db7487480552929801e5e0bed40
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 16:06:36 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
MISS, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
5839
x-served-by
cache-lhr7349-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbgGk8lXkAEj4nH.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 9C56 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/tweet_video_thumb/FbgGk8lXkAEj4nH.jpg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f2974438a69463a4f473185623d3eccb715ceb3f02b8882daed5bb9758cf741
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 16:04:22 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
17246
x-served-by
cache-lhr6622-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbgGcsgWIAIB6w9.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 9C56 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/tweet_video_thumb/FbgGcsgWIAIB6w9.jpg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f2974438a69463a4f473185623d3eccb715ceb3f02b8882daed5bb9758cf741
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 16:03:48 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
17246
x-served-by
cache-lhr7365-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
LuRpxXV2_RAMSqDL.jpg
pbs.twimg.com/ext_tw_video_thumb/1565007271578505217/pu/img/ Frame 9C56 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1565007271578505217/pu/img/LuRpxXV2_RAMSqDL.jpg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8bf7a7b8f6a4308ab1f43290220289403832769fd02ee219a4f5e7a74346f40e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 16:01:04 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
79234
x-served-by
cache-lhr7334-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbgESz0XwAMSgxP.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 9C56 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/tweet_video_thumb/FbgESz0XwAMSgxP.jpg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f2974438a69463a4f473185623d3eccb715ceb3f02b8882daed5bb9758cf741
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 15:54:24 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
17246
x-served-by
cache-lhr6626-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbgBJAZXoAAjz4P.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 9C56 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/tweet_video_thumb/FbgBJAZXoAAjz4P.jpg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f2974438a69463a4f473185623d3eccb715ceb3f02b8882daed5bb9758cf741
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 15:40:37 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
17246
x-served-by
cache-lhr7375-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbfzqTwXoAIYOuf
pbs.twimg.com/media/ Frame 9C56 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FbfzqTwXoAIYOuf?format=jpg&name=120x120
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd44180ac100ad42b75db164501fcf9a6b8d66efa44c6aa654f9628b0bde0567
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 14:41:43 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
3819
x-served-by
cache-lhr7380-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbfzqTuXEAAcDBc
pbs.twimg.com/media/ Frame 9C56 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FbfzqTuXEAAcDBc?format=jpg&name=120x120
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a40e48add0bdfafa972042f5dc16b2a3c01963696b4e28ee004a3f848685654
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 14:41:43 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
2706
x-served-by
cache-lhr6627-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
Fbfu-mbXwAMh0Nb
pbs.twimg.com/media/ Frame 9C56 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/Fbfu-mbXwAMh0Nb?format=jpg&name=120x120
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
da1b3e1c7ec456b6db1160ea606a50e228743d1b2c740d32cf772c5387ef7e5b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 14:21:16 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
5190
x-served-by
cache-lhr7339-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
FbfpME_WQAASRf1
pbs.twimg.com/media/ Frame 9C56 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FbfpME_WQAASRf1?format=jpg&name=120x120
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
91974b47f306b283eaa6ca1ce2fad0aca0f8d0d7e712dbea00baf46d4294c138
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 13:55:58 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
4506
x-served-by
cache-lhr7375-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
Fbfn3c6WAAICMaA
pbs.twimg.com/media/ Frame 9C56 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/Fbfn3c6WAAICMaA?format=jpg&name=120x120
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0decddc06b93f573dc4d1d51522ac0c4634d599a848946a7a8793a98f3f4ef56
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 13:50:12 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
4184
x-served-by
cache-lhr7338-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
Fbfno1uXEAAiGxx
pbs.twimg.com/media/ Frame 9C56 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/Fbfno1uXEAAiGxx?format=jpg&name=120x120
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::159 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6a29f11745ce1c159fe4ccb3584b6b24eedef4f1e688919a893a5ba501afbf6
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 13:49:12 GMT
date
Wed, 31 Aug 2022 16:16:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
3204
x-served-by
cache-lhr7375-LHR, cache-vie6369-VIE, cache-tw-ZZZ1
i-noref.js
cm.mgid.com/ Frame DD2A 		0
163 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1661962585718206304159
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
74371210ca2e9b37-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
link.html
track.webgains.com/ Frame 16F5 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g2yv8kj16cztt0k6qv9cjy3xs7q728nq6fbhc809t18r842wqpzvr55gdhywk46p9rftagmjxbwp1ycpn73cd7dy8vz2xmskn6rp79vpn08mhcx2x7dph4ms4sr7rym3xpaxs5zp6gxmxmzga3yfps1fygvp1etf21e0xxnckqntsxk5zc7p4gma19c6b0xq0r8bxv90kvj0xgf8bzw9r0wp5jan4fjdq9sbq5yh6pqfn0bpgvmjwxvtjrpv309vy3g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%252526client%25253Dca-pub-4922954394584665%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C14044&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=8510404f2dc1b2020e3829f2b1854606%2F9244079190627054995&i=21596%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584354&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
254d96fd44d2f413a0d6c491f820343c4fd9bc1135b2e2d4258625e0802be615

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:25 GMT
last-modified
Wed, 31 Aug 2022 16:16:25 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 16:17:25 GMT
ads
googleads.g.doubleclick.net/pagead/ 		0
0
1.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 713B 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.emisorasunidas.com/2022/08/upa/layerdk/1.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.115.76.144.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:25 GMT
Last-Modified
Wed, 27 Jul 2022 15:08:12 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"106d2-5e4cac9205881"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
67282
2.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 713B 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.emisorasunidas.com/2022/08/upa/layerdk/2.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.115.76.144.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:25 GMT
Last-Modified
Wed, 27 Jul 2022 15:08:11 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"106d2-5e4cac916bf77"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
67282
3.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 713B 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.emisorasunidas.com/2022/08/upa/layerdk/3.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.115.76.144.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:25 GMT
Last-Modified
Wed, 27 Jul 2022 15:08:11 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"106d2-5e4cac9176b58"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
67282
4.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 713B 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.emisorasunidas.com/2022/08/upa/layerdk/4.jpg
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.115.76.144.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:25 GMT
Last-Modified
Wed, 27 Jul 2022 15:08:11 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"106d2-5e4cac90d266e"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
67282
1.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 90CA 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.emisorasunidas.com/2022/08/upa/layerdk/1.jpg
Requested by
Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.115.76.144.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:25 GMT
Last-Modified
Wed, 27 Jul 2022 15:08:12 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"106d2-5e4cac9205881"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
67282
2.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 90CA 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.emisorasunidas.com/2022/08/upa/layerdk/2.jpg
Requested by
Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.115.76.144.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:25 GMT
Last-Modified
Wed, 27 Jul 2022 15:08:11 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"106d2-5e4cac916bf77"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
67282
3.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 90CA 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.emisorasunidas.com/2022/08/upa/layerdk/3.jpg
Requested by
Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.115.76.144.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:25 GMT
Last-Modified
Wed, 27 Jul 2022 15:08:11 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"106d2-5e4cac9176b58"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
67282
4.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 90CA 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.emisorasunidas.com/2022/08/upa/layerdk/4.jpg
Requested by
Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.115.76.144.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:25 GMT
Last-Modified
Wed, 27 Jul 2022 15:08:11 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"106d2-5e4cac90d266e"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
67282
1.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 0295 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.emisorasunidas.com/2022/08/upa/layerdk/1.jpg
Requested by
Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.115.76.144.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:25 GMT
Last-Modified
Wed, 27 Jul 2022 15:08:12 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"106d2-5e4cac9205881"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
67282
2.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 0295 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.emisorasunidas.com/2022/08/upa/layerdk/2.jpg
Requested by
Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.115.76.144.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:25 GMT
Last-Modified
Wed, 27 Jul 2022 15:08:11 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"106d2-5e4cac916bf77"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
67282
3.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 0295 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.emisorasunidas.com/2022/08/upa/layerdk/3.jpg
Requested by
Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.115.76.144.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:25 GMT
Last-Modified
Wed, 27 Jul 2022 15:08:11 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"106d2-5e4cac9176b58"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
67282
4.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 0295 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.emisorasunidas.com/2022/08/upa/layerdk/4.jpg
Requested by
Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.115.76.144.clients.your-server.de
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash
6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:25 GMT
Last-Modified
Wed, 27 Jul 2022 15:08:11 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag
"106d2-5e4cac90d266e"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
67282
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 		209 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-184-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e44c56414d6d7edd75f68e972b2c7161626f82d4d3df26d8b76c237a223c090a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:25 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 10:48:20 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=66764
accept-ranges
bytes
content-type
application/javascript
content-length
68097
expires
Thu, 01 Sep 2022 10:49:09 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 31 Aug 2022 16:16:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 11:00:45 GMT
server
cloudflare
age
2189
etag
W/"b17c28d6fd88a6b12feea5c52e9a7485"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
743712114a4bbbaf-FRA
x-amz-request-id
JVQRCSBMKJYY255K
x-amz-id-2
EefCMa4XdsHjSZq/I6imclRq9hHA/w+ajeRCa5qACFBK2hxi92R82+D48g3nz2eoMbdSh8PJRL4=
pvClk.min.js
analytics.webgains.io/ Frame 16F5 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g2yv8kj16cztt0k6qv9cjy3xs7q728nq6fbhc809t18r842wqpzvr55gdhywk46p9rftagmjxbwp1ycpn73cd7dy8vz2xmskn6rp79vpn08mhcx2x7dph4ms4sr7rym3xpaxs5zp6gxmxmzga3yfps1fygvp1etf21e0xxnckqntsxk5zc7p4gma19c6b0xq0r8bxv90kvj0xgf8bzw9r0wp5jan4fjdq9sbq5yh6pqfn0bpgvmjwxvtjrpv309vy3g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%252526client%25253Dca-pub-4922954394584665%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-32.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:03:55 GMT
via
1.1 47225389ee58add3b9e790ead940cda4.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
40350
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
MUC50-C1
content-length
86537
x-amz-cf-id
rptBLcFguksNmvnoVRbJqWnWatFchDc0rd9DAvZ2VRbKjBYShTIZ_g==
link.html
track.webgains.com/ Frame 16F5 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz&wglinkid=2194035
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C14044&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2Ce7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1&c=300&d=250&e=&g=8510404f2dc1b2020e3829f2b1854606%2F9244079190627054995&i=21596%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1661962584354&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjzb52rqscb4zwhmk39htfm5z4yy77fqdkx5ckkd0z5mq3r9n7y9qq5h49hb6ja5h4hnk00wv75ksrgn27bdb73s3bg53v38b7z9x7a1430gpfkgfb0m2mq75n0xx9vy35hrcpsm596e5tx432vthe5xxe9zm21v061kx65hj8p35dg9p4vpjj3e8bn2t6p5esr4nfc7ct3djhwacse32a9njh3sss5x6wzz26z2bcn76b4ermpgrptg91sr5kp25nq86r252bz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8cfAV4kPY9jADqqMx_AP2bS1oASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTIyOTU0Mzk0NTg0NjY1oAHCrujdA8gBCakCi8n6AZ_KsD7gAgCoAwGqBJQCT9AiQxi8xUFH8psh-I_uWJSRwHzXA7V1KgJbQ7UbRV_TYfAJySzttm_M--Pdahre2QrXBbdSdaLOUmzeaL2Ca7PznMCXInEURnvBid9EGdace6OpLRIo1CDoruGOF7QAHojTGqIOlretTXYMv1aQIo0Nre1wNTWA1tgYboYKTUBSdPKEOgU2wL4pWrFoYYbcLjZrpxeEj5-4CNSC6L8yN3phxkdDYSmjU4NkfL1BbQGfcMwLX-xu-jueX2bs3oDfPtI4WB459WvUPGW1V6C2R4DAvXItlAfJZyqGDXxROL69YKA5POD346r1v4Q9RF3mon-39c_2CZZIxpRT7DtHg6PnOHKrRZ0HbabSCkoGHHkadWfj4AQBgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_20siNFLgsAMdtpW4dXNdS0tC44eg%2526client%253Dca-pub-4922954394584665%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:25 GMT
last-modified
Wed, 31 Aug 2022 16:16:25 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 16:17:25 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.publinews.gt%2F&domain=www.publinews.gt&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.publinews.gt
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 31 Aug 2022 16:16:25 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
624372
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.publinews.gt%2F&domain=www.publinews.gt&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=8hBLlnxJelJSRGJoMkxEaWxVazRMdmUvc0tLczNtL2c3aW43UVFkQVZYaWlnaFRDSXMyTUZ1eHpyS1pwRmJ6aklHVlFVbFYrNVhOc21hM29lTWFDSnBnZ2JpNktjV1ppVnBicFVHU3VOdTBzc2N5aHBBbVRIbENLZHZUSE...
344 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=8hBLlnxJelJSRGJoMkxEaWxVazRMdmUvc0tLczNtL2c3aW43UVFkQVZYaWlnaFRDSXMyTUZ1eHpyS1pwRmJ6aklHVlFVbFYrNVhOc21hM29lTWFDSnBnZ2JpNktjV1ppVnBicFVHU3VOdTBzc2N5aHBBbVRIbENLZHZUSEZkSVk3OTVwc2hBYTNZczMybytMeHgrL2t4M2REWXJ0N0xtVWt5UG1OektFSDRaTDJKdFZDTnJqMG5oMHl6bDAyOEtBNUV4VGp5c2o5dktJSXE0RC92QnpxY2xTZEhOM01QWTF5clkyVGx2RGl6TW5PNVhLaS9nM3J4UjJHKzZSbHFjN2xzTHhFfA&cppv=2
Requested by
Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
47e0805950a57e253c702ada3d80ab3e0200e818376b187f46419074252eb955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:25 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1517765
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:25 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=8hBLlnxJelJSRGJoMkxEaWxVazRMdmUvc0tLczNtL2c3aW43UVFkQVZYaWlnaFRDSXMyTUZ1eHpyS1pwRmJ6aklHVlFVbFYrNVhOc21hM29lTWFDSnBnZ2JpNktjV1ppVnBicFVHU3VOdTBzc2N5aHBBbVRIbENLZHZUSEZkSVk3OTVwc2hBYTNZczMybytMeHgrL2t4M2REWXJ0N0xtVWt5UG1OektFSDRaTDJKdFZDTnJqMG5oMHl6bDAyOEtBNUV4VGp5c2o5dktJSXE0RC92QnpxY2xTZEhOM01QWTF5clkyVGx2RGl6TW5PNVhLaS9nM3J4UjJHKzZSbHFjN2xzTHhFfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
500573
content-length
0
expires
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=8hBLlnxJelJSRGJoMkxEaWxVazRMdmUvc0tLczNtL2c3aW43UVFkQVZYaWlnaFRDSXMyTUZ1eHpyS1pwRmJ6aklHVlFVbFYrNVhOc21hM29lTWFDSnBnZ2JpNktjV1ppVnBicFVHU3VOdTBzc2N5aHBBbVRIbENLZHZUSEZkSVk3OTVwc2hBYTNZczMybytMeHgrL2t4M2REWXJ0N0xtVWt5UG1OektFSDRaTDJKdFZDTnJqMG5oMHl6bDAyOEtBNUV4VGp5c2o5dktJSXE0RC92QnpxY2xTZEhOM01QWTF5clkyVGx2RGl6TW5PNVhLaS9nM3J4UjJHKzZSbHFjN2xzTHhFfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 31 Aug 2022 16:16:25 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
493331
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
84f67b2966de0f841622921ca23f6c07016c100670bfe1e3bc2194f04124b0a5

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.publinews.gt
date
Wed, 31 Aug 2022 16:16:25 GMT
transfer-encoding
chunked
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
231.json
id5-sync.com/g/v2/ 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/231.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.67 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216533.ip-141-95-98.eu
Software
/
Resource Hash
6e841c20ee89530c05392b2ca63f0b66f536848000926580b8f9091dc911b582
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.publinews.gt
date
Wed, 31 Aug 2022 16:16:25 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b18fd2da53c57b2a62f61c287426b3e89ff21990474fb0328831517934add37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 16:16:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10994
x-xss-protection
0
tracking-event
api.webgains.io/ Frame 0871 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 16:16:26 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 16:16:26 GMT
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 16:16:26 GMT
usync.html
eus.rubiconproject.com/ Frame 8352 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Aug 2022 16:16:26 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 88DC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161774
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-184-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=38524
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 16:16:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 01 Sep 2022 02:58:30 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame E423 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1661962585736
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame FC14 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK67P42&prvid=99%2C77%2C56%2C2034%2C2031%2C2030%2C175%2C157%2C2028%2C2027%2C4%2C159%2C10000%2C80%2C9%2C109%2C82%2C97&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.8.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-8-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
602e7dc7da2f0a68503b52747ebeec1d664f050b3ede24bb6f9f21629ebebca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8118
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 16:16:26 GMT
expires
Fri, 02 Sep 2022 16:16:26 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e5641b54d98a99bf9c6a46754b9ffa4b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=pc026_7138074954046140882&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZTU2NDFiNTRkOThhOTliZjljNmE0Njc1NGI5ZmZhNGI=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESECzdv0smHsw9cv0YfZ1dzOI&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:26 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1661962586616059-560
Expires
Wed, 31 Aug 2022 16:16:26 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 88DC 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49531938&p=161774&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161774
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:26 GMT
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3F86 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1482
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 15:51:44 GMT
expires
Thu, 31 Aug 2023 15:51:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B893 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
77f25c358cc0832a4155199aa7fd3dce009d4e5030965d1aaa2234ef9c00a88c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aZzDrL96jTPNZv58Eq5nnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.publinews.gt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-aZzDrL96jTPNZv58Eq5nnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 16:16:26 GMT
expires
Wed, 31 Aug 2022 16:16:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame 8352 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bbe8560826479959291cf70d3080f513bd35cc48126cf13dd43f6ffcec28907d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 16:16:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31170
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Thu, 01 Sep 2022 00:55:56 GMT
ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js
pagead2.googlesyndication.com/bg/ Frame 3F86 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 11:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15877
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 11:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 11:57:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B893 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082501&jk=370390444806995&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 8352
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjg5OWM5ZTFiOTFjOWU3ODhjODg3NTNhZmU0YzVhMWJlYTc1N2VkYQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjg5OWM5ZTFiOTFjOWU3ODhjODg3NTNhZmU0YzVhMWJlYTc1N2VkYQ
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjg5OWM5ZTFiOTFjOWU3ODhjODg3NTNhZmU0YzVhMWJlYTc1N2VkYQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8352
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEABp5B-1YWqH9U2Q7v7IZfk&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEABp5B-1YWqH9U2Q7v7IZfk&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEABp5B-1YWqH9U2Q7v7IZfk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8352
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oOiy2LQ-TEGfFvQ64PLZaQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oOiy2LQ-TEGfFvQ64PLZaQ
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oOiy2LQ-TEGfFvQ64PLZaQ
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GXEBS92P8PQXB5KXESQC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oOiy2LQ-TEGfFvQ64PLZaQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 8352
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MgON9DKeQSqbwbo8Q_5oeg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MgON9DKeQSqbwbo8Q_5oeg
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MgON9DKeQSqbwbo8Q_5oeg
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
13GPAGQEZN8ZGRTJT20F
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MgON9DKeQSqbwbo8Q_5oeg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 8352
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7HTM22U-1-77HF&sigv=1&esig=2~75cbcc58016582a9c649c195531eb02968776152
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7HTM22U-1-77HF&sigv=1&esig=2~75cbcc58016582a9c649c195531eb02968776152
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:26 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7HTM22U-1-77HF&sigv=1&esig=2~75cbcc58016582a9c649c195531eb02968776152
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 8352 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 8352
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7HTM22U-1-77HF
0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7HTM22U-1-77HF
Protocol
H2
Server
2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:26 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F9CED2B28DAC425885939808FB753C8F Ref B: VIEEDGE2515 Ref C: 2022-08-31T16:16:26Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXni9GdrC2UcpH/v06jlQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7HTM22U-1-77HF
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8352
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVE0yMlUtMS03N0hG
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVE0yMlUtMS03N0hG
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVE0yMlUtMS03N0hG
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generate_204
tpc.googlesyndication.com/ Frame 3F86 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9QRv2w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
tracking-event
api.webgains.io/ Frame 16F5 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 16:16:26 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 16:16:26 GMT
server
nginx
idp.min.js
content.zeotap.com/sdk/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.zeotap.com/sdk/idp.min.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feb4fc467795a580abc9ca8be5f38bbec4cb85b1a5cd9c40743052acf912cf47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:27 GMT
content-encoding
br
cf-cache-status
HIT
age
2031
x-guploader-uploadid
ADPycdtuBOxAaznoZbk4uFZvHzVmBs7jk4zvHv40Xsw5wwCuAHHuNdvC8P-KEWO9LRXc0Hek_pEG8dArFk-cFEfYZo63tA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Wed, 16 Feb 2022 08:59:03 GMT
server
cloudflare
etag
W/"ab1a346bb1160bca58c151a07ab8582b"
vary
Accept-Encoding
x-goog-hash
crc32c=ezzPYw==, md5=qxo0a7EWC8pYwVGgerhYKw==
x-goog-generation
1645001943546675
cache-control
public,max-age=3600
x-goog-stored-content-length
56329
cf-ray
74371219dbc18fef-FRA
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082501&jk=370390444806995&bg=!trWltfHNAAaXrHhMt6w7ACkAdvg8Wpw6RpicI3ZIT5X6OXBV198Mg36v2DucNfaNOnGwR89tYXfibAIAAADfUgAAAAJoAQeZApxHS2Pnp0NDRg7RX_18L191W91E4J0S1uNWbyAu6rxA78qVuPrFnS2w2HdN0nOfob6wGI65XRbjo4LWkWF4AcH981WM9HT6LLPejmbi3rSBx3Yk6eYmJQzhKPWBOMeWi1CnNuCWVTsbOMAiS5PvAdAuWr97hNoFeZyopq9vcakSm5F8wGGpphpWJ8Mie8hzPnbtaZ32ztnQWEg1oXq9xmssnBkw-mdDuhvR_6AnDdIrPHYBLFK_5DO-WpJtujwD0ig4b35Nik4YY4ao8wAjV75Bmnj4CDAhHKQUIZxS-H3gChY5GYp5kuvR_H_jAcALGJ-NQI9C1NZTL1BjfGJWfa6JkY-YWEA7i448OYJB-RparexSGWUC54ZqXOLVhpS2xph1runrDA4v9iuprVvilV1d9ss_NE9cbIEQ6PIwk3K4cetW8wbR3au-z6TtIsOclLNKaLS-iHg5LqYFg7kPLWyKeG08nDISo43g3ifzKdMcSKYYYXzG0211WXcgtb1oMwhra5A_fluOZXETjB77UoeBOaAH3H7XotDPj66ddsDKtVZaIMjYok3LbsWBuho7Aw0qeSEVjCmJoF38lFka_BHYaTnwQQeifcNwT8oUZsBv4htnO74q0-S5XEjWv9kBQ78ofUxgJitJTGItTCUJDjraXXLuZYBaTSvtBPdymRO6BQmb6OGul3CzBxBMSW2aMb0qNDrpEAS9zlSC8ydQ1awNHs6ZCJkOcL8zQZWy84_fqTKAb9Z3nqTIaBSQliFTKaNCHQDK7gRxHgOfQK6Al2O7Fu97lNnmSG8y5w_85ukdtCINmG-QZQYJlUV9LQNRVTQI7dNR1NrZw4joh8vFy79kiKvZ4cy3q_gpYQFn0Q9LiQPlknH0kVPQOmv_vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.publinews.gt%2F&domain=www.publinews.gt&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.publinews.gt
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 31 Aug 2022 16:16:26 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
592398
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.publinews.gt%2F&domain=www.publinews.gt&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=CFPKEHxrbFhMRUZSNnAwUnVXdHJKTDFrYlA0OUkrcnR4ekxFZTVXSWt6U1k4Y1ZuOE40eU82Q014RnBackY3bm8rUURzSCt0Nnp2YVkzOFRncDZJR3JyRHdDVjM5L2RZQTdYMGs5M3A0T1NIL2paNmN3U1BrTGYvOHdwcE...
334 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=CFPKEHxrbFhMRUZSNnAwUnVXdHJKTDFrYlA0OUkrcnR4ekxFZTVXSWt6U1k4Y1ZuOE40eU82Q014RnBackY3bm8rUURzSCt0Nnp2YVkzOFRncDZJR3JyRHdDVjM5L2RZQTdYMGs5M3A0T1NIL2paNmN3U1BrTGYvOHdwcE4rVjJHZkpXNDFOckwvcXMwZk52RERjOG1uR3VJd2lNcmFBTDRLYVZVS0RPNHREVFZHNXRQTUNNS1hPT0w0eTVjeXlVVnRMS3ZFR0k5TUhVN1lXeGhVelNpdkN5cVNWZ1ZXRi9DbTJYV2VjZTlVbmJEaXV1SmJWbTJ2ZjZDMUJsQi8rMkxxeFplfA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a213a974a980b9561ce3e023cc66264875b0e0989f63fd2d53fc1cded7fcd7c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:27 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1459606
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:26 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=CFPKEHxrbFhMRUZSNnAwUnVXdHJKTDFrYlA0OUkrcnR4ekxFZTVXSWt6U1k4Y1ZuOE40eU82Q014RnBackY3bm8rUURzSCt0Nnp2YVkzOFRncDZJR3JyRHdDVjM5L2RZQTdYMGs5M3A0T1NIL2paNmN3U1BrTGYvOHdwcE4rVjJHZkpXNDFOckwvcXMwZk52RERjOG1uR3VJd2lNcmFBTDRLYVZVS0RPNHREVFZHNXRQTUNNS1hPT0w0eTVjeXlVVnRMS3ZFR0k5TUhVN1lXeGhVelNpdkN5cVNWZ1ZXRi9DbTJYV2VjZTlVbmJEaXV1SmJWbTJ2ZjZDMUJsQi8rMkxxeFplfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
643361
content-length
0
expires
0
1119.json
id5-sync.com/g/v2/ 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1119.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161774/6973/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.67 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216533.ip-141-95-98.eu
Software
/
Resource Hash
41cbc19c74da466a6e5db715e2d5147bdb747efc1dfca595fcfd36be87cad97f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.publinews.gt
date
Wed, 31 Aug 2022 16:16:26 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		63 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161774/6973/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.61.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-61-76.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
88e0490b905688fc3c040dbbc608d365d3060e093d05517cafd5f3292f8dfb6b

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:27 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache
x-server
10.45.5.60
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		63 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161774/6973/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
42f099aeddfcc80bd4c6952c25ec7740e705796a868c06bec8536838e6241846

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Aug 2022 16:16:27 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.publinews.gt
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 30 Sep 2022 16:16:27 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=CFPKEHxrbFhMRUZSNnAwUnVXdHJKTDFrYlA0OUkrcnR4ekxFZTVXSWt6U1k4Y1ZuOE40eU82Q014RnBackY3bm8rUURzSCt0Nnp2YVkzOFRncDZJR3JyRHdDVjM5L2RZQTdYMGs5M3A0T1NIL2paNmN3U1BrTGYvOHdwcE4rVjJHZkpXNDFOckwvcXMwZk52RERjOG1uR3VJd2lNcmFBTDRLYVZVS0RPNHREVFZHNXRQTUNNS1hPT0w0eTVjeXlVVnRMS3ZFR0k5TUhVN1lXeGhVelNpdkN5cVNWZ1ZXRi9DbTJYV2VjZTlVbmJEaXV1SmJWbTJ2ZjZDMUJsQi8rMkxxeFplfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 31 Aug 2022 16:16:26 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
533323
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-5QX73SF3RL&gtm=2oe8t0&_p=1812898241&cid=691347407.1661962582&ul=en-us&sr=1600x1200&_eu=AI&_z=ccd.v9B&sid=1661962582&sct=1&seg=0&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&_s=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5QX73SF3RL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=70379&t=1661962584&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1661962584249-915558184916-007205-002-006677&cha=0.7&stagid=62a37b4eabc9f014c02c6f24&stplid=62a21cd2219bc9403f4ec8d5&d35=&d36=6.2.52&cb=48065694989&d39=&d65=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=169
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 31 Aug 2022 16:16:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vast.xml
optimized-by.rubiconproject.com/a/api/
Redirect Chain
  • https://video-ads.rubiconproject.com/video/12948/312596/1590248/201/vast.xml?tg_c.language=es&rp_schain=1.0,1!latinon.com,2087,1,,,
  • https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.a...
11 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=28529542.232179
Protocol
H2
Server
18.158.81.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-81-117.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
5459a124774642770c5ee27d8a9582aa1cd5388af6fdc44d06d5ee16a83b5e08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:31 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
null
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
5254
expires
Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

Date
Wed, 31 Aug 2022 16:16:30 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Location
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=28529542.232179
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://www.publinews.gt
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=70379&t=1661962584&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1661962584249-915558184916-007205-002-006677&cha=0.7&stagid=62a37b4eabc9f014c02c6f24&stplid=62a21cd2219bc9403f4ec8d5&d35=&d36=6.2.52&cb=48065694989&d39=&d65=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=169&nid=5d31fb2628a06116ff22aef3&ncid=5f4452d76e685a1c474b9879&e=request&cb=1661962590966&asid=5e583b0828a06105212c3308%2C6250f5858cda5d14c60a666b%2C5e4aca1528a06178f4750a16%2C61dcbe8785e4c27ffc7abdc4%2C614b5d12cc8c9824961a92b1%2C621e56649c72bb64646a6007%2C62a105fbd99aaa52977a3ad6%2C61929720db3611235a75f084%2C62d065d4402db17fd24fd864%2C62696a383bb9733bf220f5f4&ofpr=0.3%2C0.1%2C%2C0.1%2C0.1%2C0.1%2C0.1%2C0.1%2C0.1%2C0.1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=70379&t=1661962584&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1661962584249-915558184916-007205-002-006677&cha=0.7&stagid=62a37b4eabc9f014c02c6f24&stplid=62a21cd2219bc9403f4ec8d5&d35=&d36=6.2.52&cb=48065694989&d39=&d65=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=169&&copid=5d31fb2628a06116ff22aef3&nid=59c9148628a0612da3689288&cocid=5f4452d76e685a1c474b9879&ncid=5db803de28a061465a6e2f41&coasid=5db8052928a061555326a05e&e=request&cb=1661962590966&asid=5f4ba7502216727dc61b2e90&ofpr=0.5&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.publinews.gt/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.publinews.gt
date
Wed, 31 Aug 2022 16:16:31 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.publinews.gt
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=13706367&componentId=prebid&componentSubId=mustang&timestamp=1661962590976&pKey=411360264&schain=1.0%2C1!latinon.com%2C2087%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&playerSize=300x169
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-136.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:31 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.publinews.gt
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1661962590888094-509
Expires
Wed, 31 Aug 2022 16:16:31 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=31810354&componentId=prebid&componentSubId=mustang&timestamp=1661962590976&pKey=289366792&schain=1.0%2C1!latinon.com%2C2087%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&playerSize=300x169
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-136.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 16:16:31 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.publinews.gt
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1661962590888092-538
Expires
Wed, 31 Aug 2022 16:16:31 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.57.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-57-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
499a149f014a53bc1b17c5c62774a4bb76fad9be62144e7f5bb216565efc3d17

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:30 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
172
expires
0
prebid
prebid.media.net/rtb/ 		892 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUK67P42
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
baa2157a6948a4618a64b7a61ba943748708cc157b3290a69f993d2532050979

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:31 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.publinews.gt
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
mvo
tag.1rx.io/rmp/237356/0/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/237356/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.publinews.gt
pragma
no-cache
date
Wed, 31 Aug 2022 16:16:31 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.publinews.gt
date
Wed, 31 Aug 2022 16:16:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.publinews.gt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 16:16:30 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.publinews.gt
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.publinews.gt
access-control-max-age
600
age
0
content-length
0
date
Wed, 31 Aug 2022 16:16:30 GMT
server
ATS/9.1.10.25
vast
bid.g.doubleclick.net/dbm/ 		38 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Af1xXBKhXCgshgp0BVQY2EFRQyiZ3EksbWghbLaAe3cGGXOlD9LoMTn-O1Cu72a9V9-Kqt2lUCTkDnvtfas1gA2Fe0Rw&cry=1&dbm_d=AKAmf-BLL5MsXTvFGA9ilrnFajBN9Ysvpq6vvub1UgbSYJcBqcnrlc0yXpGBPfFXK27OGAfm-G13ubZDSoVlH1rhVFa53bwvjWnB-Sho6BektRCbXBQjdWPzn5CU57PpeENSEOB0zvj2TkL7zxG4B9K8yXQ4vI8hOpOaVMwlLC2qfD-jQjw0wofeSB3QjIk9JPL-O--dA8y0Ec36cZ2TqwffSKmali9IeIfSWMJuiftW7AR-FIGYnEvc7YfH0cFQe1S2G80kF7t-eYTtInSpfYl3mMwPsOoT_v2EFzctNpKMcZBm_z80AkkJ_teNu8-8V35Ui2Wp5zltVl_41zZZBDVuJBtnnwNgf0LWvAORpIRV9WOqezoeN4InD071bXvpfQuEJiL4o1l-38-1HCVk3SLyDW0u8aRL0bFSMdRM0ZsOILMDreLleWD5adSbb_T8Y--TWtxptV1NR9xQnY5rzF8w9jO34Oe53-d7BSuD_Rmz_mwfDH_OmSA9Gvj_ZiCYYBYbN9MKzGn2O3xIJAa6U1QHeuqjRO3xBRH_CSxlv57ZUQPb89LXakMW6wLjnvo3TQWl9qh5hQ7rCnCBCTD1DJ8x5-e9mCNqqZr9ObY4h5gwjlFO3rhsqHAFjMb0TplZFQ_q-FSPAIsEpOFLegBEpO58KgLEH5pCyXK4-hvfDir1xlLSspY5Fhx3ROEaLMg-FP9sd6SY6pIfLbUVVKWX46YKHtAEvKr0pNv5NQdXQDXO4VvuTNU4gG4Kbjzoa_ukJxEKo8PdwSljcefPYXXhs2ZOtW3oJJkFv5RojVOU7TifSt7IaKd5vbrKy6V_OWyhwbUqNZw5OrAWsPx8KrCAb61H-S0IVCjnK7_fz9seBYHuoBLrPz3TIa28_1RBIaekQgWEZNsDgUEV9FchgjALbgsmDoyMHKjQFZ9moE_onJVtEK8bjg-t6zvI95wg9WYiYyBpjALKMoQtLJsUdDyK-UW63QaeDlcN0w77RfAnrvXmRDWjvXjt323sT4DXBTe5ByABufcEQYPGTZTdwNYEGllsp_LhxZpxRDN8GdfPKcCrcKh_YSQ9PVQZ2rdjad_B0PuGEyYQRlXmH_MawD-VQm5_nI0hO5Bauo450x13wyLVjMaEdeP3TCTZBBRQ3eaGjOjSkD1nv445uzBdkHT1UW-V3s4Qy5-ztq9Jir-TvjCnv7p0b9OxX921zWupqBej7vhf5Z3grmL5fgTIYqi5lXgyDfblzSIp5_xtE1OBg5P98WcL5r5EAvQTL1kN2eVYEZatl5J3V9Zsns-hmPI-vho1J5H28KTcHAdSVLy-WNTXlg0Cj4Sf8Sy6UM_pqsJuFqQ55YAhgu0oHptPEniuRmn6bKLWVjBtSy_0aRKtaTtQA-fdmrLk3twOD6wL5_sJ6UmTyxhkMK5T1bIjCmg10vXBmWUiHMlmQL0ZCaW2N8hXYruOhuHKXluY74M_eGALyyNvJiQ8ZjGJmSWYlmKqvkl5m9-GxOibMhRg3AqOXkSWipcndGcUuJC81YpQlRT4hslTXP3ctEISJlXzg3UxX1wGvS5LVI_FZgtx1GWPmYGU7tPwpl1Ebvoumgh3cHc0RlOEc-D7rRBSHBt_UxCfyf4Xf6o6sMw-FzMQ6PvR_x0Pwb_VeCKRtviYoGUcUKjZ60szm94nvbf8HAENtq7Yhw07TTW5FiWREg6GA-yMS_jo7U7cZrTDgkF8YyjR0idxgRlPcGXGvr0hL1ctOJOLh83xVapiuB-_hZI1365N7RUK1l1xc-12FPp3EiK6CKPAevrPwGbpcE6K8iv-iO1EBi3esVwA3hOwmeESNXePc9QyUG7RjyPYD0C0ZVht3T086FI56wzLpzukegwrJ5Gy2Q-eAkUXOf_Wbyol3oOKYBxjf42IQ9rIxyY-WiLx3awYumkQ3ZSZLmrjYjfQIAfjlzw6uwZxycYuJqrWUkDG5QmGIJhQz7rr0ZiiKejup6UTcVDYGMhEiK9MfVcj5TnqyEKp0bQirjzd6DgxqFoHSpmsnPaN7UguICCUDyTBh2ifM85Dz8laKE8SxJfIGiUsRJwMEHOsHgwCo9-qY6bNTNZ4ftyY-AhR-dhJWpYESox32D2eNhlRCPj5mxm3c5WT8KubAXCa_Zu8o1Tk0UrOF8-Pxxsik_Fko80TD64KyKXwlzONsczs_eM4kvzIeyGzk-B45nxIutUHnqX5Uamu85YxyNXPnzuC5AyAwa4dLl4AWukdqcYCxm3NUxQJo8Z011dh9bK1KwotVgNRPoYgvrPYI-ACwOqNEzB9RaHYswxDhhTDcYrDdXFfYVTdTWh3t7osbvNn-_dBGzsDyLaUyrgsTa31uBJ045pAIKxwuW_cawFrzVmD_8AzJfSXFmC1dHp_eiIwSuYkxTkM0hMPeBSgTeYsFB4Mq9W1jVV_Dy8u8qRmhXXMbx1HS-vrgtU4VEZngFAle1qqu4EOFHvG8KEJPLugarQwVAiGHlO_ydTKw8v0mO01r0hn0sQGc4ysX2-L8MdZBXrx0q1NDRqzf2TpHr4WkVI5uIChiRrLsftTEPNaliwfM84HYKnXpZ3S1sjZ8BuzWec10eryYJiqig0djsVbqxClbDM0I7dKb2r7S0qUGt0EDHV1uuKntDk8BLfynbsOeelxbl5jNbgyQt1AMik8XvNqnHbPbiexvyhZPif8kwxNlGzkNHL_B_k0FKvKM0IbbuaIDv7XakfTdm2cMhoG5ZEijLbPlrQoqZKTqaXzOwVmYgf_DHyKbkx58F5BpDxOJ82ZvcPkZ-AnaS73Mn5hHqWe65RFerMqJNdhzsrllpYT5pote6jBNBSa6xc3lJY_E2plvIM9GNtXLEcQCU5vV8ZZ--mYkNfxpfWcr5HOXEUQLSbm0UtM4ZpNnjaHU35sg-u7eezu1mFMOKTlIfAkhA8tgOhTP55fCkU-Jwf5Ki8urKZg_gs5RM8mNnYpc3o-TnhXPY5wmW1Cm9IJIL_ghnbcrHjYG7uQDd7RpJRn-nlNpg4WJYF0aAPchakcldcegxqli5virw2h6hdX4R5bdFBDcQH-A02AA6Id_SnvyWtWfOQptDegODeUmRWw25ttJSosiFPZ115r1H_o7NuUqiOp0HaVvw1LVnMUfN3gn84Ib_4YogTpqUoy3wUl6FYtCH6JzkhDD7773UiEJfHPwynxjW-bgCzydOq02bs_55YJffzw295WPxUudNgrnOF5OLqjXV7hE-aTE_3eGjNAwxfZaMzWtlININJJWWrsF1CaeDBss8rxaYTDhmJlz9n66WJK6QT_nL1x87m-KlrHx4bq9xMDlm9uJyXm6CXecBBimJwt8GiDRNBSmNVqJ3vVR9P48uCsJ-5dlts7aT4YTrxCYIfA4-usKM_oYRjSKD2uc4GC&cid=CAASEuRopHnEDyhGrkWwy_xDBtdkdA&pr=8:68266C9E1E4D43C1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.155 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a7fa71de896d25e47ebb1f9a28d0985b4a12e424c127e3b17beec02b1dfc9ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16673
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.publinews.gt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=70379&t=1661962584&cip=185.213.155.166&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1661962584249-915558184916-007205-002-006677&cha=0.7&stagid=62a37b4eabc9f014c02c6f24&stplid=62a21cd2219bc9403f4ec8d5&d35=&d36=6.2.52&cb=48065694989&d39=&d65=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=169&nid=5d31fb2628a06116ff22aef3&ncid=5f4452d76e685a1c474b9879&e=bid&cb=1661962591269&asid=5e4aca1528a06178f4750a16&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame D482 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:811::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
be8cbe512987770fc4cb5f8caf77683e9a274ae3c60987abecf91ad6f78fc869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16258
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 20:45:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Wed, 31 Aug 2022 16:18:22 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D482 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:811::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.publinews.gt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128229
x-xss-protection
0
expires
Wed, 31 Aug 2022 16:16:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEKWc0BNCKRvUPFjUbcYgdls&google_cver=1&google_push=AehlK4Dho_KO9v2NaVXo4rWGyAeBvw28jXTIouwKhpkZhSMrAp_-7MPbQqLgaSEWL_3KbJclvz_PAamXfpKVLKvYvEeMZYuRx8Q
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELwT9AJTruq8Zt-BPv1HqHM&google_cver=1&google_push=AehlK4Cqx_J_GrZ4hxDcDe5Uwe4B0uizNi7ObjeD8ujaWSKuo6K8Grr-LLzZFwdk3q_SN34F-pf_PkKGzZgivam70x2fzNL01FDY
Domain
sync.adaptv.advertising.com
URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEB9wUQXOuyt2vaqneYn441I&google_cver=1&google_push=AehlK4CMoOxDySJ6IoL75uTHDeUiFZFbh2t4JZhDOKOn_1XrX2w3Yb9RUM0SD3510axnATY4numWYzsGWUeiMk_QpaaSZVuKc8ug
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| ajaxurl undefined| $ function| jQuery function| gtag object| dataLayer object| teads_analytics object| apd_options object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue function| parcelRequire object| google_tag_manager string| GoogleAnalyticsObject function| ga boolean| fifabAlready function| fi_fab function| onYouTubeIframeAPIReady object| gaGlobal boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| gaplugins object| gaData object| su_image_carousel_630f8953b3d90_script object| $narrowScreen object| fiUtils object| $FIslowSelectors object| $FIInfinityScroll object| $InContentAutoSelector object| reviveAsync number| google_lpabyc function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| __twttrll object| twttr object| __twttr object| ajax_tptn_tracker function| EvEmitter function| imagesLoaded object| herald_js_settings function| Cookies function| _ object| _wpUtilSettings object| wp object| wpreview function| wp_review_rate function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger object| SUShortcodesL10n object| SUImageCarousel object| firebase undefined| MsgElem undefined| TokenElem undefined| NotisElem object| ErrElem object| config function| isTokenSentToServer function| setTokenSentToServer function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active boolean| ai_js_code object| teadsscript function| ai_process_lists object| _mgIntExchangeNews object| MarketGidInfC1129387 boolean| mg_loaded_708914_1129387 object| teads object| aniplayerPos object| onClickExcludes function| mgReject1129387 function| mgLoadAds1129387_12bcf function| MarketGidCReject1129387 function| MarketGidLoadGoods1129387_12bcf object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint708914 string| _mgCanonicalUri object| _mgPageView708914 string| _mgPvid function| avPlayer object| storageAni boolean| i.js.loaded boolean| i-noref.js.loaded object| freewheelssp_cache object| PWT object| pbjs function| owpbjsChunk object| owpbjs boolean| _mgPubmaticExists object| ID5 object| GoogleGcLKhOms object| zeotap function| idpjs function| arrive function| unbindArrive function| leave function| unbindLeave

103 Cookies

Domain/Path Name / Value
.mgid.com/ Name: __cf_bm
Value: JBEnqHtuAAIaV03KQo8eupCbCSgCfwsztSB7nD_1ZpU-1661962582-0-AbADcS7FcbhCnuDVZHvuBRn+DkPCNbHyG/qRDWtXJXDdX4lsu2/ufEUysOtFkf5XQASOy3LAyZoEco9Plg2VLL8=
.publinews.gt/ Name: _ga_1JWRY3SKE9
Value: GS1.1.1661962582.1.0.1661962582.60.0.0
.publinews.gt/ Name: _ga
Value: GA1.2.691347407.1661962582
.publinews.gt/ Name: _gid
Value: GA1.2.190023625.1661962582
.publinews.gt/ Name: _gat_gtag_UA_53456215_1
Value: 1
.publinews.gt/ Name: _gat_UA-90285-12
Value: 1
.publinews.gt/ Name: _gat_UA-52170176-1
Value: 1
.publinews.gt/ Name: _gat_gtag_UA_52170176_1
Value: 1
.publinews.gt/ Name: _gat_UA-53456215-1
Value: 1
.publinews.gt/ Name: _gat_gtag_UA_90285_12
Value: 1
adserver.latinon.com/ Name: OAGEO
Value: 2%7CDE%7CEU%7C1%7CFrankfurt%20am%20Main%7C60326%7C50.1049%7C8.6295%7C20%7CEurope%2FBerlin%7C%7CHE%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
cdn.firstimpression.io/ Name: OAID
Value: GDPR
adserver.latinon.com/ Name: OAID
Value: 01000111010001000101000001010010
.publinews.gt/ Name: _ga_5QX73SF3RL
Value: GS1.1.1661962582.1.0.1661962583.59.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUlyWvHSSUOmrIB2OAa5i_DVfHZXxT84Ff60qTUoLykapqHoLTLuNniU7IB0_xk
.casalemedia.com/ Name: CMID
Value: Yw.JV2VdAdTCKpuRnEKM-AAA
.casalemedia.com/ Name: CMPS
Value: 1201
.casalemedia.com/ Name: CMPRO
Value: 1201
.adnxs.com/ Name: uuid2
Value: 6343795821999057349
.w55c.net/ Name: wfivefivec
Value: BWP29tC81Otqo75
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: ffbce4508a5cd929
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.lijit.com/ Name: ljt_reader
Value: FPRwuGZHrS58B9CrSf-mfroY
.tidaltv.com/ Name: tidal_ttid
Value: 08b9162b-93ec-4d7a-a49d-993d2d305813
.publinews.gt/ Name: __gads
Value: ID=d1c1db6dc49d7b38:T=1661962582:S=ALNI_MbTLN_JvkTZlBUjdrQuKaEXHvXxaA
.adform.net/ Name: uid
Value: 4645018222882579592
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjIyszI0sgAA17Bj8wkAAAA="
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU(q*<HM!]tbPl1M>e)ZlrFUfJ+tGXxoLbT5Z![Rk_eFo$1n8]FbgXOz$1^NFl(vj!)*3If)y3KL9D3I?+KmE57V
.quantserve.com/ Name: d
Value: EEABCQH-JoEA
.quantserve.com/ Name: mc
Value: 630f8957-db3c3-b835a-46fa7
.adtriba.com/ Name: atbgdid
Value: 5bde3545-624e-4b0f-8393-6cd2a766e97e
.casalemedia.com/ Name: CMTS
Value: 5157
pb.media01.eu/ Name: ASP.NET_SessionId
Value: jybielpqt15ai3tldvopj40o
pb.media01.eu/ Name: DTU
Value: 44C77AABBF4B59803D6C65A6C93E7B3F
.bidswitch.net/ Name: tuuid
Value: 544e4387-2b17-4c79-8d61-e18836c8a205
.bidswitch.net/ Name: c
Value: 1661962584
.bidswitch.net/ Name: tuuid_lu
Value: 1661962584
.blismedia.com/ Name: b
Value: 630F8958FBF740C852DCF819BLIS
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8df3ac68-2224-4add-a78f-e992acbeb876-003%22%7D
.innovid.com/ Name: uuid
Value: 59805242-ef25-4f24-91e0-1b46c708863a-20220831 12:16:24
www.publinews.gt/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1129387%22%3A%7B%22page%22%3A1%2C%22time%22%3A1661962584153%7D%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8df3ac68-2224-4add-a78f-e992acbeb876-003%22%7D
.e.dlx.addthis.com/ Name: na_tc
Value: Y
ads.avct.cloud/ Name: uuid
Value: 6be379e6-f32c-4af3-8ea1-21ff24ddc501
.aniview.com/ Name: aniC
Value:
.addthis.com/ Name: na_id
Value: 2022083116162400094808641066
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 630f8958bce3c6a3
.addthis.com/ Name: ouid
Value: 630f89580001f252de2dffca11377b7f230dc63f0df075bc5292
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220831
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.awin1.com/ Name: awpv11938
Value: 412871|1661962584|42619930-2948-11ed-96ab-2230957fd0f4
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1661962584_42619930-2948-11ed-96ab-2230957fd0f4%22%2C%22sp%22%3A%22awin%22%7D
.csync.loopme.me/ Name: viewer_token
Value: 8054a25d-7ff0-4918-b275-d01f1afe9208
.360yield.com/ Name: tuuid
Value: 6585fe84-1325-496b-b805-3da3a97c944c
.360yield.com/ Name: tuuid_lu
Value: 1661962584
.aniview.com/ Name: 2_C_200
Value: OPTOUT
sync.aniview.com/ Name: 2_C_200
Value: OPTOUT
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ec45735e03aad0a5
www.publinews.gt/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.publinews.gt/ Name: _pubcid
Value: b9bbb4bb-7a8e-4cd5-9ccf-7f67a7dd4f23
.awin1.com/ Name: awpv11354
Value: 412871|1661962585|42d01270-2948-11ed-b38a-2238c37626e7
.awin1.com/ Name: awpv14098
Value: 412871|1661962585|42d20e40-2948-11ed-89c6-2237875fe73c
.awin1.com/ Name: AWSESS
Value: 429086:2519498
.rubiconproject.com/ Name: khaos
Value: L7HTM22U-1-77HF
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2pAmuP7rJlRDVX7VFeu/j1Znc83WbiLoP/n9ZOre5jNz4qU5i/OZ85oHEYQm0jtgnMboWaW1ii7R8Ia7lI5uZ/
ads.stickyadstv.com/ Name: UID
Value: e5641b54d98a99bf9c6a46754b9ffa4b
.zenaps.com/ Name: awpv11354
Value: 412871|1661962585|42d01270-2948-11ed-b38a-2238c37626e7
.zenaps.com/ Name: AWSESS
Value: 377129:2470185
www.conrad.de/ Name: HTLP_timestamp
Value: 1661962586
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: wU1Lekxe8psCLk.lHaKeKPNWmzAn5xbU4i16aeMPzxU-1661962586-0-ASuzECWehsD2U7E6mc6id3J5oFssrjzeQujRXiv47wDT0/NaFNWSHh7JYsz8QvQW0Gu/qdlml1Y2lFHX7qBXFVw=
www.publinews.gt/ Name: cto_bidid
Value: ninRll9Wc2VmWnQyb05JV2Q4Q09IcmthZzZGdTR0a0ZXQXRrSW1KYlE1VWRRU2lJSFB1WW54VkslMkYzcWdaOGpYN3p0REpDdER4aFZ0ZjE4MVlrTXpMckNwYk53JTNEJTNE
www.publinews.gt/ Name: cto_bundle
Value: LoldcV9ZWDZXMmQxZSUyRlFTU2h2S2NDbmU4WjR6UXlLN0hYaGhuUURiVG5vSzlJUGNmMnBxaTEzd1J6ZU1TMEVzQkdZMnNpJTJCYTZscVY1NjVUQmJCM0NjUFZNTFd6c0toNkY1c1JEcWFoSmpiZ2xKNk4lMkZJV1ZjblNHZDZDJTJCY0tPbnp4RUs0
.ads.stickyadstv.com/ Name: updated
Value: 1
.ads.stickyadstv.com/ Name: sessionId
Value: 9a27232e886aeb733ec3c4acb764e133
.ads.stickyadstv.com/ Name: UID
Value: e5641b54d98a99bf9c6a46754b9ffa4b
ads.stickyadstv.com/ Name: sessionId
Value: 9a27232e886aeb733ec3c4acb764e133
.fwmrm.net/ Name: _uid
Value: "pc026_7138074954046140882"
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: pc026_7138074954046140882
.ads.stickyadstv.com/ Name: MRM_UID
Value: pc026_7138074954046140882
ads.stickyadstv.com/ Name: uid-bp-36033
Value: pc026_7138074954046140882
ads.stickyadstv.com/ Name: MRM_UID
Value: pc026_7138074954046140882
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESECzdv0smHsw9cv0YfZ1dzOI
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESECzdv0smHsw9cv0YfZ1dzOI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&2a7bc597-7e95-4859-8bc6-bf029d2ec7f9"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjE5NjI1ODY7MjswMjF7vGoycDq+uCm6Qk40k6cP47ktNC+laZgKF4UrwzxAew==
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2703:u=1:x=1:i=1661962586:t=1662048986:v=2:sig=AQFlIKX1xvSdiAPUs5H44ia_Im5r0kwK"
.amazon-adsystem.com/ Name: ad-id
Value: A4BykDHVNEmwvPZxlXmI8dI
.publinews.gt/ Name: zpstorage_MA%3D%3Dconsentpublinews.gt
Value: eyJyZXNvbHZlZCI6dHJ1ZSwiY29uc2VudFN0cmluZyI6IiIsImdkcHJBcHBsaWVzIjpmYWxzZSwidHJhY2siOnRydWUsImlkZW50aWZ5Ijp0cnVlLCJjb29raWVTeW5jIjp0cnVlLCJ2ZW5kb3JDb25zZW50Ijp0cnVlfQ%3D%3D
www.publinews.gt/ Name: _lr_retry_request
Value: true
www.publinews.gt/ Name: _lr_env_src_ats
Value: false
www.publinews.gt/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-31T16%3A16%3A27%22%7D
.publinews.gt/ Name: cto_bundle
Value: t2nQMl8yVDhvTXp3UGY1aUhSRzdjRjQxcE1RMjFwS2Y2bkZOSzN1NWp0azJ1ZzRSVXJQJTJGZmNVaGtZTXNNZ2Jsd3RUZ0tXWE9YZlNobm82eWk1TDVKYm1taWZRNVkxQVB5aHFnakZIMHRGQlY1d3FpMXlWdTA5Zm9vczVSalBFd3BkNno1
.www.publinews.gt/ Name: cto_bundle
Value: t2nQMl8yVDhvTXp3UGY1aUhSRzdjRjQxcE1RMjFwS2Y2bkZOSzN1NWp0azJ1ZzRSVXJQJTJGZmNVaGtZTXNNZ2Jsd3RUZ0tXWE9YZlNobm82eWk1TDVKYm1taWZRNVkxQVB5aHFnakZIMHRGQlY1d3FpMXlWdTA5Zm9vczVSalBFd3BkNno1
.publinews.gt/ Name: cto_bidid
Value: zxi9XF82RjdSYXdsTVppSW9YNVJkSUxOYlZTQmhtWVlTM1U3R1puSWpjTzloUlNzTnVGV1YxajlZcXdFMmx4UDl2Qm9aTWxEYnlBa3ZXYnZQNWVjMmtBNVgzUSUzRCUzRA
.www.publinews.gt/ Name: cto_bidid
Value: zxi9XF82RjdSYXdsTVppSW9YNVJkSUxOYlZTQmhtWVlTM1U3R1puSWpjTzloUlNzTnVGV1YxajlZcXdFMmx4UDl2Qm9aTWxEYnlBa3ZXYnZQNWVjMmtBNVgzUSUzRCUzRA
.publinews.gt/ Name: panoramaId_expiry
Value: 1662048987443

10 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELwT9AJTruq8Zt-BPv1HqHM&google_cver=1&google_push=AehlK4Cqx_J_GrZ4hxDcDe5Uwe4B0uizNi7ObjeD8ujaWSKuo6K8Grr-LLzZFwdk3q_SN34F-pf_PkKGzZgivam70x2fzNL01FDY
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEB9wUQXOuyt2vaqneYn441I&google_cver=1&google_push=AehlK4CMoOxDySJ6IoL75uTHDeUiFZFbh2t4JZhDOKOn_1XrX2w3Yb9RUM0SD3510axnATY4numWYzsGWUeiMk_QpaaSZVuKc8ug
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://www.publinews.gt/gt/
Message:
Access to fetch at 'https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto' from origin 'https://www.publinews.gt' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.publinews.gt/gt/
Message:
Access to fetch at 'https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto' from origin 'https://www.publinews.gt' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.publinews.gt/gt/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.publinews.gt' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.teads.tv
aax-eu.amazon-adsystem.com
abs-0.twimg.com
abs.twimg.com
ad-server.eu
ad.360yield.com
ad.doubleclick.net
ad4m.at
ads.avct.cloud
ads.emisorasunidas.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yahoo.com
adserver.latinon.com
adservice.google.com
adservice.google.de
ag.innovid.com
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.rlcdn.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
at.teads.tv
b646121064d0d0dec321ab1288f34722.safeframe.googlesyndication.com
banner.congstar.de
bh.contextweb.com
bid.g.doubleclick.net
c.amazon-adsystem.com
c.mgid.com
c1.adform.net
c2shb.pubgw.yahoo.com
cdn-images.mailchimp.com
cdn.firstimpression.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
content.zeotap.com
contextual.media.net
csync.loopme.me
d.adtriba.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
hal9000.redintelligence.net
hal90002.redintelligence.net
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
jsc.mgid.com
lb.eu-1-id5-sync.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pbs.twimg.com
pixel.everesttech.net
pixel.rubiconproject.com
platform.twitter.com
player.aniview.com
pm.w55c.net
prebid-server.rubiconproject.com
prebid.media.net
prg.smartadserver.com
prod-rtb.ad4mat.net
pv.medialead.de
px.ads.linkedin.com
region1.analytics.google.com
rtb.openx.net
s-img.mgid.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
servicer.mgid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.publinews.gt
stats.g.doubleclick.net
sync.1rx.io
sync.adaptv.advertising.com
sync.aniview.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
syndication.twitter.com
t.teads.tv
tag.1rx.io
tag.escalated.io
tg1.aniview.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
track1.aniview.com
u.openx.net
video-ads.rubiconproject.com
widgets.outbrain.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.publinews.gt
www.zenaps.com
x.bidswitch.net
api.rlcdn.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
sync.adaptv.advertising.com
104.103.108.241
104.18.18.126
104.244.42.136
104.244.43.131
104.96.145.246
13.32.14.70
138.201.220.30
141.95.98.67
142.250.185.194
142.250.186.34
142.250.186.66
144.76.115.197
145.239.193.130
148.251.139.77
154.54.250.48
162.19.138.83
172.217.16.198
173.194.76.155
178.250.0.157
18.156.195.47
18.158.81.117
18.184.57.192
18.194.203.249
18.66.122.112
18.66.127.89
18.66.147.95
18.66.97.24
184.51.8.30
185.64.189.112
185.64.190.78
185.86.137.107
185.86.138.121
185.89.210.20
198.148.27.139
2.18.232.7
2.18.79.136
2.21.184.200
2.21.185.49
2.21.185.80
2001:4860:4802:34::36
213.19.147.42
213.19.147.45
216.52.2.30
2600:1901:0:76b9::
2600:9000:223f:7600:1b:5138:8a40:93a1
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1957
2606:4700:10::6816:3556
2606:4700:1::6813:844e
2606:4700:1::6813:884e
2606:4700:20::681a:61b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700::6810:5614
2606:4700::6812:7e05
2606:4700::6813:ac6c
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:22::14
2a00:1288:80:807::2
2a00:1450:4001:800::2003
2a00:1450:4001:801::2004
2a00:1450:4001:802::2002
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2001
2a00:1450:4001:810::2006
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c09::9c
2a00:1450:400e:811::200a
2a02:2638:1::13
2a02:26f0:3500:58c::2c79
2a02:26f0:3500:595::2c79
2a04:4e42:41::159
2a05:d018:24:b001:c788:1149:4a:eff7
2a05:d01c:1d8:8102:d09f:4639:d8c6:6199
3.11.195.34
3.127.13.200
3.224.43.174
34.107.148.139
34.211.82.183
34.226.74.25
34.96.105.8
34.98.64.218
35.186.253.211
35.71.131.137
37.157.2.234
46.4.10.47
49.12.125.168
51.38.120.206
52.17.151.21
52.28.54.44
52.30.61.76
52.46.130.91
52.56.221.73
52.84.106.61
52.95.126.138
54.154.103.240
54.208.23.128
54.76.176.197
54.77.56.172
54.78.253.158
64.227.27.145
69.173.144.139
69.192.160.219
88.198.250.30
92.123.17.141
99.84.88.32
01080600e932086b021706812342857f07e502b4d7b4caca064ab658f7ac3dec
01c092c7a79dd6d4fb813d4203947f714b92d34e7bffcae27cd4557155b1e964
02007cb9ea5401983a0a4a34d08c1a57c75484d0852194291e124c94b848d474
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03187f74e9a4ce55f6a7474ff78d6487d56293723726faca10245a3c9f30de06
048dc69d73f3ad0096a139da264b1aef01ec8b90b877d6e6515d08b14054bd53
0656e68659a6f67205f929ca07bfc39ba8636ac997bb47ddccd590547a0e0661
07253e76af1894dfbbca9fddb53ed63c85e95d1b55ff082b7e469baef6a984d4
075257c2ad8d32f772c439e486c9ed2268339bc12097a8b0cef74eea915cb20e
0a1f4b0271bbf198f26519fc4862e6a2da9c6b6a98bcdd0d122caa637fbc7900
0b1e3fa98eb243884f760147e9304bc32541d99e61a4382e3cdc66f2a9121abb
0b646f6a0117000d7a12cb08668222c21cd3ae0194b31cb4a12a60547171e380
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bd39d4aa299fec073c89d8410eba716cd0e30eadcc3fb790e97f0b32f52c014
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
0da563d8fc4e14fac20984e96e83406f2554ee1bef09f5de660a7662c1713ecc
0decddc06b93f573dc4d1d51522ac0c4634d599a848946a7a8793a98f3f4ef56
0f5e3f3cdc5c53c1abc30a8519e086fed3793f2f580ecee4a9b34fc2c40d8892
0f8794ef6a720afcd13b0681fd4d770447a5095d7e60330c52762bc8083d7953
0ff7037954a24b7731d5a03a63186a85b4a7198516650a00fb3cd0620d7d06e2
11c06de8ef1ec20c136bdfdd382c33b766a571ab8054d1ac9986c3ad153e9514
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12eb11b49335fcd72288d5dc1aacfc8e3b75597ecda77971f873a05babe613de
142285bd07a14ae41f00f7a4abfb34d050e788f6d64e3935fda159cef378acab
1531db6d549c592856d78d3f285bd13d876027abc063c73dd60e9252cf69f0de
1679bdbc47305929955b6925d93a552e6cc8752c420b93eafb6401231b6cc9e7
1a6e4d2e32c765f09b7df419485600a75821cf5b703c6d66107cd27021fe6fba
1acc33d91129adec432db09da6e1c2239c89e702c732cd5d8310d9e6f17fe0e0
1adf337204d2f4cee5264b18e3212be7a93cd619c705e30bf89a3d27192b77f6
1b15e526bc6cb6b3e03ab22a6c585f1ca05e34bbee1be501676126492fb3c8a8
1baadc9204bcfe5d648f9a2181c2ea2f1795be70a9d8e863852ea8ce880084ac
1cf6bc39bed40dc5c00a863f08034028aa0289860a8491a5345f35f587e79d0c
1feccc5457246a341b82f181fa84317e9dd084c63ac370c1ac43104c3cbf3329
20105a9ea23b5e61401fa1f3fbf846c4ecdfc5544a8094b98e07fc0e610fe91f
20a22e2a0610fa88287f0f8a033e1f8c5fb3abb7f0a0d527115b6ce3dde328a1
20a7cab4c3d02182a4adf415218a7bf45485746273fba452bf48c4d3cf5df9d7
2165620fa9b4145a3e19a084e259da7f094390109f8742410ebd36d8899c3e26
21b3ea6a2f91609c3767f12b0d1f70f7c8c9939f346e777733edaa8b0891a072
222fa391f26a0b6f4b5d8459ada308e078e6d2e69707766e247692a6f45676c8
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab
23899aaaf96687089eabeea305cd1f8a80b49823e7846dd26dab0f1711a66b4b
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
254d96fd44d2f413a0d6c491f820343c4fd9bc1135b2e2d4258625e0802be615
25742a542a49a5e301deb22ccbbf81d19f779a63427ba59eff1a01ce68fd29ca
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2976de7df6625cf8186411b0ba90f8afc10717c1f2f55ebe62b3371941e18697
29790a5c3d2243631b1c9b4a39f968782c7a8f69bd8edd6e39821a3c23070398
2a40e48add0bdfafa972042f5dc16b2a3c01963696b4e28ee004a3f848685654
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2aef819cd6a586c7ec28cec5572a182ef761a4103425ef0e9c9eec0a827ca05e
2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e5e3213e89839fadc122682148b6f08fc41eb2f2ff8d8a3be8314e936df6368
2ed027d427fd7c20ed8dfea10759d408acf05beab53c871ba83b1f7b942f540f
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f6eeb511e853211c742d1fa125b45ece32fe5711f407c5eb43613670082b3e5
300fc9cbe06e256f2244ebfdbde4beee7736091b392f6ba791e39a1026a13e0b
305fdde3249b89d0bddbadce2a090ea2877549b9f6ac836375f58f682cc84ce3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b295ff5b47514003127c298ccbee1c43d9f536146560c47b64bb0713d2ddcf
32e5acf1b97e30e8721e8a3ee93bac752bc702eafd176b57074ea17f07063585
33558069624c6849e3bedf4ef9ead7bf4cef2afdd7ecb64758a660fa4ae5ed8d
364d1741b1499d9100a6b2324534a452e66a45f392481cec3f62e70e76da1419
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
37af9af0b46dbfcd7484c63a7436233e85730db5241bcab7aa6f84fdfd11b931
390eedd6493a1a6fcbc79bbdf9dbaa97af9dc20ae608746e18f2d541378b5d91
3b6f3efd187f04f21473a169ee06ef416610cfe21b4675d1c5bf562dd0364311
3be29565ed74ebe94b47d147f84748dc076566e4348c72db227ad8cf72a75f24
3be60f209c08e90c16558d5d32d6953439f287f5c88565c2e43cdcb40d6c3d58
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d
3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6
3f2974438a69463a4f473185623d3eccb715ceb3f02b8882daed5bb9758cf741
3f43187776cc2fd671ed841523cc7bfd3d8d4dc3c0a32e0ae3b1b84e32f6d871
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fec50f77d2bb360260dbf8f592354dd5c9fd9a77a80e5bb6df38c59cb135a22
41cbc19c74da466a6e5db715e2d5147bdb747efc1dfca595fcfd36be87cad97f
42f099aeddfcc80bd4c6952c25ec7740e705796a868c06bec8536838e6241846
438ff3af395513310c69d935eb8c6e521312075673d2fdf0e82a7ad2d3037152
47e0805950a57e253c702ada3d80ab3e0200e818376b187f46419074252eb955
47f0d2d106e5abe1a5aa5f092d8d1d09dff436c1dfc4b47f2a944b66b9792311
487c60b5e53c1d237b331698067d65073bf3bce979a6149ec0c12b622efc819f
488866fa28bf7969cb05e48b0842dd23c409c8fcb15351df0c5b3cac4219a617
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
499a149f014a53bc1b17c5c62774a4bb76fad9be62144e7f5bb216565efc3d17
4b0e2c1c8e6d92b9083cd952cea6a065485827df78fae548752352da136c3540
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc4b508bb0ccc41052f6a18eb23441543da2d209c152f62577e954367b4d62d
4d139db3062991f7f5be76554bc0a39b88c55229871b7d7c9b5a07358082f33d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977
4f5d84442beb96eed73c1fe4d54cb86b3ad4ba90b041c1c44e4f314d7ad9e1bd
4f790ff3954d68b63058e55090a0342c4da8553f87b82bf1bb1863e0fb889543
4fe5b47e7a09066a05bddeccd186c45d843df3ca22377b8c8d6e49d9fcd53f7f
501e62c6e0c1d488fc66e31ced03aba2702df783387148fe1b8c4239bcc7d074
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50c64c30ceeb83775f2b933b917c3657f818dfd38cad2180b0f2d262b1157e63
50deacfc0374b281980e3e8a2d68a8b961c687d2b73f22994ed41fb3ccb7d377
5459a124774642770c5ee27d8a9582aa1cd5388af6fdc44d06d5ee16a83b5e08
5481dd7de36de039271fe67000794500e2b58e5c3928941c2d455c90da69f596
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
5533874c2b0145642ca304f110240fcdb05253df388c2f7b97c053ad5eb69b65
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
568de4a237f78930c495806b9302c91df36f7212ee5af1cc6d9f4abc3ff03b38
568efc96387466861d25131636346187542ea3924ee342be4bf3e40dfcb11a73
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986
5968deed67db36c17098f115d0fd4318e4ef3616b6c3541da921599e64689040
59706d892b5158ca9fd1f3ea8b33035ea4894e449cbb06fe42e7ef2e93f4af6f
59fd35519fa1bddd6988726bc9326f0c9c0149342d486a62baa39455de2521df
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c327b569f692955e64e65cc830aac27433c0c1ecbebf9036d60cc4012137929
5d4738110b480f423e4f0c054dd3444f7eb0388186dd356a8c171f26db1faaef
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d9451e75d7a60b38e38003cd5b072b870271d8a9921d47991df2cba06863128
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
602e7dc7da2f0a68503b52747ebeec1d664f050b3ede24bb6f9f21629ebebca3
60cd5f5fd4564d87050ccdebef5e222235df46c8749240a0564eb34f1644648b
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61723fe95f866398ae8490661ffb77e0fcd3d5eb598eeebb1ed5e593049487e2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
625723aeb0567e38b4bf8dca523a95d8bb2b3131f808bec3dd529990f30b0156
643cf24f7569d3cda7d4598dd4b96f90d8d60671dc4b6c243f5c6914611f9492
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
65b8ebcf8536329a03a279d3a916eac3ae64d7fdb31fe00a15b8bcaa26dabf25
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6796ccb15426d91d3311ea27d429c2d35605243125f7e30fb554271b393a9c27
67c76dc49e784d88116f5822e4cc1f368adbad41575c6d7f9c5970e97917a40a
687d4831a25458efb4fbb56928363fab39fe5f29d48e32dc668c8a8c2fd7dbc9
69043de68767b5c633f1b690e2642dd9a0ef91efbd8ef11dd7111ac5ad292f48
69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb
698daf2a3566453c7b7229e3ddd0ba9c3ae6b381a8e1e3399e8ae79ea69412f9
6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c25b976778ba4a030773a7897d64c44197eb5e393115ff8367c9d78aeffdc3c
6d124788e480924e0a0917ef210d06075bd5166a9f9cc75f2937a98a4a497199
6e1b4bca9098d1b7e3b8573bdb5835a46dec1f8677e6c95b01f989ed483a1b62
6e24d3527c0d9bebc03ee87d68544d0543471a2da12361beaa3729b2ba16beee
6e841c20ee89530c05392b2ca63f0b66f536848000926580b8f9091dc911b582
6eb371fe2cdba0f5fae6d062346e86535f2c667b80e23c4c65cd3fd24be65cef
6f29a94d02f80580cb332f7d119d75fc1431dfc53cbb3fa269bcab254729b5d5
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
731d1277c50de0269f87ab5bdc413fc0cfab4c58b386235e6c34900f8df1d3ea
737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
758c4310cc73238872619adab08f7bc6bf442f0b26dc1897bb16db5a709b954c
76932632c4ba6d864a00b6341a9d5460f9b44ff952e478c47e68ffe664624efb
77f25c358cc0832a4155199aa7fd3dce009d4e5030965d1aaa2234ef9c00a88c
78abd74417e0310e10523e6ec498536ec9afb793de4b72fde0001aeb4c55a0e9
7960ba7125f1ee1a38b063d895143864c12b69b00ab584f279528b28dd440573
7965777dcddb12ba6fcbfdb90bbbe664dfeec6ee3fb6a069c1fad9980bc25a10
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7d2cdcfb9a06ae6226f06b3cb14c4a53fa0f94ec5048dfb469d6834f6fb4e124
7d9969d56cafe0bcc63350313033ca15ab1acca206040bbfbbdf99e22a1ad2ec
7e7f4f5cdb2a02c8f4b6d8e6f4ca3b1f18d635d55e5d4b9b1106e79f0f583fde
7f9ae5335d4db51a427fcbd9d291958b98ac28713fa8b6dc8de328d9298a8735
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a
8167cf5c527ce9551e0fc2e7bd7b315a9ef815d7f91f3338351bd498af468336
8195ec559939a3299a302f8e0c182ba87ddc46b9d26de044d2b8b69fd412a645
838006bceef23a0a411bcfc0dfc67711049b50eb0a0af16d7314dc24e3d020f6
83be67e0dc60cffd1471cf1cdd4f47172a8235e0612050c8a007975434d369d0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f67b2966de0f841622921ca23f6c07016c100670bfe1e3bc2194f04124b0a5
8522b8c31ff6966650be1230560444fdc95b499b335075d54fc47b9e240da671
85d423c5c3713d5ad1fb1529618fb0f6530869a98b53374f292ab1bb5f5bb9ff
860d562b0a45cb007e7a669dc845cc85bec45a5229c67ddc3b11534ff54a9947
880249a25ca053564710985b7a778579dc4839896e16b063816f9b068de5f1de
88e0490b905688fc3c040dbbc608d365d3060e093d05517cafd5f3292f8dfb6b
8a5dc38cec076d349128944270877cc436cf084bb9ea8130ad55a644c40b35f5
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ab2e236a9d9c8ab68da49e83a457d58223c9485146143695b11a71e27936035
8bf7a7b8f6a4308ab1f43290220289403832769fd02ee219a4f5e7a74346f40e
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8c5adf27e128161ea839fbef8772c2d83973870b34c44b8bbfeba7e41a49a669
8c63d262b420ac15948cdd4ec6763573dd783686323b8e965927aebc410b089a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e18210d414061bf5c4e225f94e1bc4cb4ff600e156f91cf70f440ca1667e120
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8efd7ef0887f8d97df1f68248a4d6f603ab11021a0f683e61584227ee7a71909
901fd916d0a59d9f1194de56f8d579b6b6f73b4e7a961f9ed2eaa734e80cd3b4
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83
91974b47f306b283eaa6ca1ce2fad0aca0f8d0d7e712dbea00baf46d4294c138
9251eeb3c03ab159a47dffd5e5740756c82f088da7b82d17541395ff101f227d
947d33645c199a25fb14bedb5cf80a48a61f8558747bd0f4958fb8217f48547e
954f97dde16392f43d94a1ad9bf2bac9829f0fc74fd2fbd4fab7ed674b6426b7
95d7d3083e81afabb7f98081004127210be1edf60e170cf14b091a014c554205
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99725e21800ccc55e79d462f475db2fec19f1c82057b6b5bc87bdfe5212927d4
9a744a6df1a8fda9ba645d1cbf04c91d2bd460fe89d3146528106f94b20e3d51
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac3b4df4215fce9a40d11a8d3f41ae2618214f7cf732e63b0006a9ee5c68e4d
9af9b37392830c3d27d0370c7e36fe4a21ff49ef2a0465d3ea33ab9c8a537595
9b8a9b490d2e412d04433ba53b222bbc8578a2e40e62daac1fcfb0605a29da5a
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9c298a31ead738600a8744e593f0dcbc2822385db4759e0757ac4e3f0567cb1a
9c56e1ace31e98aeab685b06409cdca2484117d75ad7a3b32b6751ab0fc3b5ae
9d9ca589b914280e196d256a2ddc2ca3af11118b3fc9002f6323a568d3cfc0de
9df8804be7bc833a0f7bda128387f950072b9c844a13747e22ae6cfdcb515b00
9e7b91e0722b209a6e4aafe5e508f1194fe7b7a0ca55d8a2d5683b974581d8d9
9ecdda397f6989f0bdb5044f7dbef53faad9019516e6e5c0d269a939e702da1a
9f9fdc49f32f71acb66c5ecce0ebc7724952ba9147196f3d2b46d2c783e0bade
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0aad236d91f8a4ccca9299f760e17fff3a18635872a6e38ae4900eead00cd38
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a213a974a980b9561ce3e023cc66264875b0e0989f63fd2d53fc1cded7fcd7c6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a61a648444a16a41ef29c2f3ce95053de667e244321323ea9a669c35768e0397
a6841d2c4a12ed948dd6c51720e62a032135ccd7f50cc17b7d8d37b20f43c2cb
a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2
a6a29f11745ce1c159fe4ccb3584b6b24eedef4f1e688919a893a5ba501afbf6
a6b60bb64b7adc84348f9e890becec9a80d9cdbd7f5f8f7914253bdaff835dc4
a6f0352702b7604323c13594f1c3b74e58b11c1c0847a537511261d06f80ba25
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a74074f055c3667b9955b17856ae4908888121a89d494732067ea924ca1a33d7
a753f298789dae8ad91548a345d839638170cd51ae74260c2f262492e8751072
a7fa71de896d25e47ebb1f9a28d0985b4a12e424c127e3b17beec02b1dfc9ed3
a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef
a90fd7584941cb6a17c40a8a26a529e0418fa2bc58ded6347025a7c0b346acb8
a9abb833a0d3df0d1c33e6cee9bd8e40655483413e1e202c47d9cecb24418584
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece
aad48e612efa9d7364a3ad0e06aaa0d46320b7a57cc13697a8997ee9ef7c9101
ab368352a164fa8cee70180124da9b9e8004033985516c7fcf5f4f8085dad271
ac03889c4d85051440e557213320be62d5afe4bb76d16d60baba2bd0f92148de
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad0cb034a1ea6a2c67906a36f384b1960f3130f9a8605feb0d030878a508c8a1
adb44f29ca95e43406f4c3434262b8e3016a378ee2e51223fd11ef3c79a6f5b0
aeabe22430b63ef61376be15d765d23d879eab30586fadbe056a0ef30dc974bf
aee7d2f3931049f9fbdccac3d0e7e36eca23ce66c76c464ed28372d7d4559597
b07fe8d2c18f44d35ffaa187fd48bddc1ef81c69476cd0457279790e4c2e0725
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18fd2da53c57b2a62f61c287426b3e89ff21990474fb0328831517934add37b
b1d37476f42be18cedf76df6ac4cde79a2b0821226a3346e76b6887c9eb873b8
b2831cb9703dae3b9d18ab76276a67a65de573cc498aeddaf085942f0d96c18c
b44a2fe208e998b56df46211e07ab012140f047e0b0621ab6b4f17ba434bfca5
b471033f1864708331e5945f9003e0eed1d563d673d2666aca296198b9cc6ca7
b497af1a14943d02255934de227963426af25a5222e9bd89dce5181c17743a38
b7793332502df8dad6689946d6210b829844d28af503da97a5cf63bde23c530c
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
ba2509a2b7e125a486a751d0f50e1be8319240ba60a66e6612c6daf4c0525688
ba64d0b9ec6285834517ef3f3d3029ec5e07c50380f911de891f7a92216d7562
baa2157a6948a4618a64b7a61ba943748708cc157b3290a69f993d2532050979
bbe8560826479959291cf70d3080f513bd35cc48126cf13dd43f6ffcec28907d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be8cbe512987770fc4cb5f8caf77683e9a274ae3c60987abecf91ad6f78fc869
bebd22e0d2e170ed848979c4a2d7b46b947aab1f85887421bc99bcf8cb18a535
bedab15fd177a9715568682a8b3a04edd59939cafffa07dfd2e6e64b010f757c
bf17b845d3d0a835545d962a4782db1647dbcac4475339cc5430d84c57570e46
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
c01b1b907eb9f740683e1f64643fde07ef63a9c1ebbee1958834dd168ff6befd
c1dfd4798acc0ff18360293f0622138167322700d64c5b1bbc6dbcf21fc28204
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c64eb30e934bbee8993ae2e2f7df1d6079953bb8a948567e2686624591d26d98
c86748710e797c6d7933b864f62834904876163ae177570a332a2c477ad6aca6
c948099423bf995b623df020afb88be6802682eca6c6626002a13f0d28e5c288
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9d8d2e92dd150ea79a80180174ddd106e3c5d2b27fb1511771e9dfba9428fed
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca54edd0ecccc0631469de08f41f95ffc860a900aadb27b909da20ed6a89dca8
cd44180ac100ad42b75db164501fcf9a6b8d66efa44c6aa654f9628b0bde0567
cd82d566535d0b66758f1b99b889967cd6828985bc98bfa0a4c7551f41fcd032
cdc46119f82b8cc0c4fa0ad51203da3154d0aee0e887aaf26a46988e5f359070
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf85242e9b3ceb7147907911c2f6a14da84b99d06aba24c4daad28cbbf93209b
cfdd15102d492bf9584699c07b8eb89518a895701f104906993fcfad0c039487
d0a77e495359613dd0f75850a9b9a541f059b6f215c76acddb418bedb7a2cf6b
d1395737dc86c70163a025aea31c989ccbc8c99dabb6a1d347b27c03d86e9846
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1ec9625d1c2d3ff00cb5891990c4541a89f096540ee2226e565713d1a189e18
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d3592fbffec7c4245f008ef25e57005968575ebb3a6db25cd0b14a261cd0b8ff
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5
d5b071fda01315f271998e251812dcf8465dcf34bb9e436bb502235700c40eac
d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d77df218a292b8f67740205b6d1dc75666f15f1645b95519b7bef5f161a0f8f1
d78ccee2910b62b729634ed37d0000e39dd0092cf3f278247668af30c0108f2c
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
d9d5edd148587000bfe55d7aac8dbb8cca56983ea943193fc9a86fa75f9febc8
da1b3e1c7ec456b6db1160ea606a50e228743d1b2c740d32cf772c5387ef7e5b
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52
dcc6aaeccd530bcb0e91ef01e2046485f1ad113a865aafb17a740eee4da61e32
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def3fda286cea0ab75ea959813f6965f453356dc35b05fac9e48921cbf3d4668
df53e659f3547ace9edacc6e0dfe20f89fb5e54ea08c7156a20224a168311d2e
dfaaebdec60dc0454116815d8287e7975ba3ce5b6b575cbf4a301d251b4947b5
dfaf8d73be470252fc6dd20cfccda6c98ed6d6503cf0ba944ec4b6482820b2b8
dfde5485c4fc9e9acca625d86fbeb240c9bd3ab78a395721aae49aa97b091c93
e08ca4668af0a3d0190e803f3f230d63c93a200fa35a234e3190a81a5f40767f
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2bc317a3f54afb1933d31d4f51a70dfa52a29e19a02bf8dadaebb3f4596b56f
e35db8b1d2fa2c61290c6d2963bbb8c944825be440a59e40c2ca6a8e1bbdba3e
e38e2116e7fcecafc78b089ca5d6e23cb944090acae7e75dd87ccb1c776a1849
e3a13155ff6fa3d1e25fccc2a0bbce4302b01c21c8b08c5922d70c62ec1b4bac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e44c56414d6d7edd75f68e972b2c7161626f82d4d3df26d8b76c237a223c090a
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9
e91580f860a460f66df16f1383f3a285780216e698edf0407e07ff45ff1cd0c3
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
eb8bb874ced68a143fee84a02bd867070bdada50718cddbf7cab321a4434e37b
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
edb75c328dc364054a6afb3d5fecddde3c6298d89b15c96f9b77858a93d5df4c
ee188e6af35c18a3acb711edca560bb12e0eb56128bccafdfbf0eb16d7bb4950
ee7f5c5ef246e8d86079434afa9a340702b2bbbcd93434a57727930674a4464e
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eec356b27f72f835e55d2b242a94ce15e32fb8c83872a47838936ced10968f09
eed11e03f7adce468116318c30e5848dd0bde2472fb52db33557a348082f43fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f1887d08d005e0cb9f16eaffa7914de0f834f4292835a69561adad05b36b2436
f293486948d4cba26c6b835bdd574b4085e62da749b86019f5f6fab3535b0e39
f40b287808addc4f3d91a36b2e0b25ca9aa1f1cce7d8611fcd2d924295bf0c4f
f448ed9142035fd376ba0fe2bd66a804431bad6676b34725297b770d21d64f37
f52e2b1c2bdbf21eb6d0d04556f7c524659f6a97208f4b631dbbab46cd71520c
f57845b064a26d7f08b24b1ab52fc7e0b6fc185cf3d3a6818f882faa7c9c46ef
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f63e08b18115b72e6d2cbe9db5f7527d2731545d38beae54317e10cfe0f58fc6
f645cf00c4662b62086a57f5e100391fdb538db7487480552929801e5e0bed40
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6a08d53625a5fe2a1cc8019a09fb0cb612b0970b24a33dedde2a87bbef16b6a
f70a708909ea0e41d9ff70cc101e8ca4a5391ffb134ce3a98b0f5e42d7cb72b4
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8100ddd5433052f55abbd975cbaf4d300b5acaeef36e0e47e8a285941920bd7
f85d0f6cef01d5f18cfc5a169161c7d723039494ef0fc712878aafc2e690fbd9
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f9e8861c8cfde8d6789c997abf02e8142a079f8d7058c0bf68e31c309d537000
fa4470ff4433a827ba93440ea139a17856632417c757641e2c243377f338271b
fa9805d642c30f5324b073d965bb3871ba41911e6ca4272a6008cb80fada01c2
fa9aefda737b61a1b83c8ee9fcbd6ea14c2a61f48ee6d6bdaf1531fd96afa714
fb568542327d4264166e9839781916f91331fc0bae0bb29397ee3ebb4cc66ed8
fb98c93cbc8f3b8213bcf9b5e149a22210238854b41e7cd1b6c05b89765e86b3
fc80d7c8c7af5d54f59d93bbbbb74c35d7834a85f3d363240fc0bca8bc43a1fc
fd31288d9133fab88d67c5aa80f63088543d5a79e11a434f9ef31b97076b709c
fe340b28201c9015cd61699fb7a202e552eea455bcb9d98a674cb967468e61a6
feb4fc467795a580abc9ca8be5f38bbec4cb85b1a5cd9c40743052acf912cf47
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869