newsoku.blog Open in urlscan Pro
2606:4700:3035::ac43:af3d Public Scan

URL:
https://newsoku.blog/
Submission: On August 03 via manual (August 3rd 2021, 3:09:02 pm UTC) from JP

Summary HTTP 354 Redirects Links 118 Behaviour Indicators

Summary

This website contacted 46 IPs in 10 countries across 51 domains to perform 354 HTTP transactions. The main IP is 2606:4700:3035::ac43:af3d, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsoku.blog.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2021. Valid for: a year.

This is the only time newsoku.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3035::ac43:af3d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 2	104.111.228.89 104.111.228.89	16625 (AKAMAI-AS) (AKAMAI-AS)
7	147.92.191.167 147.92.191.167	38631 (LINE LINE...) (LINE LINE Corporation)
14 14	210.152.186.218 210.152.186.218	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
15	2a04:4e42:3::737 2a04:4e42:3::737	54113 (FASTLY) (FASTLY)
2	34.212.109.130 34.212.109.130	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	133.242.86.196 133.242.86.196	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.98.55 143.204.98.55	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	103.142.125.193 103.142.125.193	131957 (MICROAD M...) (MICROAD MicroAd)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1 13	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
81	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
12	2606:4700:303... 2606:4700:3033::6815:3978	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	103.142.125.195 103.142.125.195	131957 (MICROAD M...) (MICROAD MicroAd)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
6	178.79.242.41 178.79.242.41	22822 (LLNW) (LLNW)
2	130.211.14.194 130.211.14.194	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4010:c0a::5e	15169 (GOOGLE) (GOOGLE)
1	210.140.114.22 210.140.114.22	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
4	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 1	44.194.225.67 44.194.225.67	14618 (AMAZON-AES) (AMAZON-AES)
4 29	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4 4	51.178.20.139 51.178.20.139	16276 (OVH) (OVH)
1 1	81.222.128.215 81.222.128.215	20597 (ELTEL-AS) (ELTEL-AS)
1 1	35.158.223.21 35.158.223.21	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4 4	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	172.104.105.5 172.104.105.5	63949 (LINODE-AP...) (LINODE-AP Linode)
3 3	18.184.94.176 18.184.94.176	16509 (AMAZON-02) (AMAZON-02)
2 2	52.17.35.107 52.17.35.107	16509 (AMAZON-02) (AMAZON-02)
1 1	18.210.5.212 18.210.5.212	14618 (AMAZON-AES) (AMAZON-AES)
1	210.140.201.9 210.140.201.9	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1 1	185.29.135.226 185.29.135.226	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	52.208.100.147 52.208.100.147	16509 (AMAZON-02) (AMAZON-02)
2 2	35.157.249.55 35.157.249.55	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.137.107 185.86.137.107	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	217.66.147.162 217.66.147.162	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1	54.249.21.2 54.249.21.2	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.242 142.250.184.242	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2012	15169 (GOOGLE) (GOOGLE)
354	46

18 2606:4700:3035::ac43:af3d (United States)

ASN13335 (CLOUDFLARENET, US)

newsoku.blog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.228.89 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)

j.microad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jgl.microad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 147.92.191.167 (Japan)

ASN38631 (LINE LINE Corporation, JP)

blogroll.livedoor.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 210.152.186.218 (Kitakyushu, Japan) 14 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

ad.jp.ap.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a04:4e42:3::737 (United States)

ASN54113 (FASTLY, US)

i.imgvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mlb.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.212.109.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)

counter1.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.242.86.196 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)

rranking9.ziyu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-55.fra50.r.cloudfront.net

cache.send.microadinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.142.125.193 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

s-rtb.send.microadinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

81 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)

p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3033::6815:3978 (United States)

ASN13335 (CLOUDFLARENET, US)

feedrapp.lliy.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.142.125.195 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

ssp.send.microadinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.79.242.41 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-41.fra.llnw.net

counter1-cdn-ssl.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.14.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.14.211.130.bc.googleusercontent.com

cdn-fluct.sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4010:c0a::5e (Lappeenranta, Finland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.140.114.22 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.225.67 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.181.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.178.20.139 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu

c.eu1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.222.128.215 (Russian Federation) 1 redirects

ASN20597 (ELTEL-AS, RU)

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.223.21 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e3:101::6cae:b45 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.253.211 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.44 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.105.5 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.184.94.176 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-94-176.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.35.107 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.5.212 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.140.201.9 (Adachi, Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

i.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.226 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.100.147 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.249.55 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-249-55.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.107 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.162 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Moscow, Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.249.21.2 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)

sh.zucks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.242 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f18.1e100.net

p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-995799-i1-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2012 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-995799-i2-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
102	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com	761 KB
69	doubleclick.net 4 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	980 KB
30	gstatic.com www.gstatic.com fonts.gstatic.com p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com csi.gstatic.com p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-995799-i1-v6exp3.v4.metric.gstatic.com p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-995799-i2-v6exp3.ds.metric.gstatic.com	375 KB
24	google.com 1 redirects adservice.google.com www.google.com mts0.google.com	129 KB
18	newsoku.blog newsoku.blog	327 KB
15	valuecommerce.com 14 redirects ad.jp.ap.valuecommerce.com mlb.valuecommerce.com	25 KB
14	imgvc.com i.imgvc.com	3 KB
13	ampproject.org cdn.ampproject.org	241 KB
12	lliy.biz feedrapp.lliy.biz	37 KB
12	googletagservices.com www.googletagservices.com	398 KB
11	microadinc.com cache.send.microadinc.com s-rtb.send.microadinc.com ssp.send.microadinc.com	13 KB
8	fc2.com counter1.fc2.com counter1-cdn-ssl.fc2.com	9 KB
7	googleapis.com fonts.googleapis.com	4 KB
7	livedoor.net blogroll.livedoor.net	30 KB
4	openx.net 4 redirects rtb.openx.net	1 KB
4	dyntrk.com 4 redirects c.eu1.dyntrk.com	3 KB
4	adingo.jp cdn-fluct.sh.adingo.jp sh.adingo.jp i.adingo.jp	26 KB
4	google.de adservice.google.de www.google.de	516 B
3	mts.ru 3 redirects sm.rtb.mts.ru tech.rtb.mts.ru	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	google.ch adservice.google.ch	1 KB
3	cloudflareinsights.com static.cloudflareinsights.com cloudflareinsights.com	5 KB
2	360yield.com 2 redirects match.360yield.com	788 B
2	scoota.co 2 redirects r.scoota.co	1 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com	880 B
2	turn.com 1 redirects ad.turn.com r.turn.com	857 B
2	google-analytics.com www.google-analytics.com	19 KB
2	microad.net 1 redirects j.microad.net jgl.microad.net	20 KB
1	zucks.net sh.zucks.net	1 KB
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	457 B
1	yieldmo.com 1 redirects ads.yieldmo.com	465 B
1	mathtag.com 1 redirects sync.mathtag.com	817 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	728 B
1	appier.net 1 redirects a.c.appier.net	555 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	584 B
1	blismedia.com tr.blismedia.com	136 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	581 B
1	1rx.io 1 redirects sync.1rx.io	696 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	565 B
1	linkedin.com 1 redirects px.ads.linkedin.com	873 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	sharethrough.com 1 redirects match.sharethrough.com	356 B
1	adriver.ru 1 redirects ssp.adriver.ru	339 B
1	fksnk.com 1 redirects fksnk.com	616 B
1	adsrvr.org match.adsrvr.org	264 B
1	microad.jp aid.send.microad.jp	625 B
1	criteo.com gum.criteo.com	358 B
1	googleadservices.com partner.googleadservices.com	407 B
1	ziyu.net rranking9.ziyu.net	494 B
1	googletagmanager.com www.googletagmanager.com	40 KB
0	wbtrk.net Failed um.wbtrk.net Failed
354	51

	Domain	Requested by
68	tpc.googlesyndication.com	googleads.g.doubleclick.net cdn.ampproject.org securepubads.g.doubleclick.net b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com tpc.googlesyndication.com 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com pagead2.googlesyndication.com
29	cm.g.doubleclick.net	4 redirects newsoku.blog b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
26	pagead2.googlesyndication.com	newsoku.blog pagead2.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net www.googletagservices.com b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com tpc.googlesyndication.com 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
21	securepubads.g.doubleclick.net	newsoku.blog securepubads.g.doubleclick.net j.microad.net b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
18	newsoku.blog	newsoku.blog
14	fonts.gstatic.com	fonts.googleapis.com
14	i.imgvc.com	newsoku.blog
14	ad.jp.ap.valuecommerce.com	14 redirects
13	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
13	www.google.com	1 redirects newsoku.blog googleads.g.doubleclick.net b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com tpc.googlesyndication.com 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
12	feedrapp.lliy.biz	newsoku.blog
12	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
10	www.gstatic.com	googleads.g.doubleclick.net b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
7	fonts.googleapis.com	googleads.g.doubleclick.net b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
7	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
7	blogroll.livedoor.net	newsoku.blog blogroll.livedoor.net
6	counter1-cdn-ssl.fc2.com	newsoku.blog
5	ssp.send.microadinc.com	newsoku.blog
5	s-rtb.send.microadinc.com	j.microad.net
4	rtb.openx.net	4 redirects
4	c.eu1.dyntrk.com	4 redirects
4	mts0.google.com	b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
3	x.bidswitch.net	3 redirects
3	adservice.google.ch	securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com
2	cloudflareinsights.com	static.cloudflareinsights.com
2	sm.rtb.mts.ru	2 redirects
2	match.360yield.com	2 redirects
2	r.scoota.co	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	csi.gstatic.com	securepubads.g.doubleclick.net
2	b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn-fluct.sh.adingo.jp	j.microad.net sh.adingo.jp
2	p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	counter1.fc2.com	newsoku.blog counter1.fc2.com
1	p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-995799-i2-v6exp3.ds.metric.gstatic.com
1	p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-995799-i1-v6exp3.v4.metric.gstatic.com
1	sh.zucks.net	cdn-fluct.sh.adingo.jp
1	tech.rtb.mts.ru	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	i.adingo.jp	newsoku.blog
1	sync.srv.stackadapt.com	1 redirects
1	a.c.appier.net	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	tr.blismedia.com	352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.1rx.io	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	dclk-match.dotomi.com	04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
1	r.turn.com	newsoku.blog
1	ad.turn.com	1 redirects
1	match.sharethrough.com	1 redirects
1	ssp.adriver.ru	1 redirects
1	fksnk.com	1 redirects
1	match.adsrvr.org	b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
1	sh.adingo.jp	cdn-fluct.sh.adingo.jp
1	aid.send.microad.jp	newsoku.blog
1	www.google.de	newsoku.blog
1	stats.g.doubleclick.net	www.google-analytics.com
1	gum.criteo.com	cache.send.microadinc.com
1	cache.send.microadinc.com	j.microad.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	mlb.valuecommerce.com	newsoku.blog
1	rranking9.ziyu.net	newsoku.blog
1	www.googletagmanager.com	newsoku.blog
1	static.cloudflareinsights.com	newsoku.blog
1	jgl.microad.net	newsoku.blog
1	j.microad.net	1 redirects
0	um.wbtrk.net Failed	b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
354	77

This site contains links to these domains. Also see Links.

Domain
newpuru.doorblog.jp
headline.mtfj.net
2channeler.com
tokkaban.com
newser.cc
mtmx.jp
news-choice.net
webnew.net
news-three-stars.net
blogroll.livedoor.net
ii-antenna.net
giko-antenna.com
besttrendnews.net
matometatta-news.net
konowaro.net
antennabank.com
matomechecker.net
afo-news.com
news.owata-net.com
blogroll.livedoor.com
warotanien.net
0matome.com
2chnavi.net
new2.jp
brave.com
twitter.com
ck.jp.ap.valuecommerce.com
blogmura.com
blog.with2.net
counter.fc2.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.microad.net GeoTrust RSA CA 2018	`2021-06-30` - `2022-07-05`	a year	crt.sh
*.livedoor.net GlobalSign RSA OV SSL CA 2018	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.imgvc.com DigiCert SHA2 Secure Server CA	`2020-08-31` - `2021-10-01`	a year	crt.sh
*.fc2.com Amazon	`2021-04-10` - `2022-05-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.ziyu.net R3	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.valuecommerce.com DigiCert SHA2 Secure Server CA	`2020-09-28` - `2021-10-06`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
cache.send.microadinc.com Amazon	`2021-02-23` - `2022-03-24`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.send.microadinc.com GlobalSign RSA OV SSL CA 2018	`2020-10-06` - `2021-11-07`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2020-10-06` - `2021-11-07`	a year	crt.sh
cdn-fluct.sh.adingo.jp DigiCert SHA2 Secure Server CA	`2020-09-18` - `2021-10-15`	a year	crt.sh
*.google.ch GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2021-03-26` - `2022-04-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh
sh.zucks.net Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
*.v4.metric.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.ds.metric.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh

This page contains 43 frames:

Primary Page: https://newsoku.blog/
Frame ID: 5B8D221EF07431128033DADF0F008825
Requests: 98 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210729/r20190131/zrt_lookup.html
Frame ID: F8985B30E4215E756F43AF1F14EF7093
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&adk=1812271804&adf=3025194257&lmt=1628003318&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsoku.blog%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003318733&bpp=7&bdt=409&idt=82&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1858602499989&frm=20&pv=2&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=102
Frame ID: 6E42BF0894A10BC9066A1FD1FF5AB6B1
Requests: 1 HTTP requests in this frame

Frame: https://cache.send.microadinc.com/js/cookie_loader.html
Frame ID: A602912CD556EB9B66AD8C477166BBCF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319374&bpp=4&bdt=1050&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=whexCSxYcg&p=https%3A//newsoku.blog&dtd=12
Frame ID: 919604D8DD62BEEB5EF5F93BE4188599
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2137269402&adk=2422814327&adf=2400760514&pi=t.ma~as.2137269402&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319395&bpp=35&bdt=1071&idt=35&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VGrPRLKA5X&p=https%3A//newsoku.blog&dtd=38
Frame ID: C371B93E361FA1638499A6238D3CBFC3
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=5622522222&adk=281811654&adf=2966697880&pi=t.ma~as.5622522222&w=680&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319476&bpp=4&bdt=1153&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=2546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KT5jRbRSGX&p=https%3A//newsoku.blog&dtd=17
Frame ID: 5080C12F811F52AA4B135008C9A44941
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=600&slotname=4858775902&adk=2423983721&adf=4117875246&pi=t.ma~as.4858775902&w=300&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319581&bpp=2&bdt=1257&idt=2&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=274&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lCDDxK0JOU&p=https%3A//newsoku.blog&dtd=6
Frame ID: 81EE0BB37DAFD2037CDB3B5114F9BEA7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=3175488137&adk=148966444&adf=3061787000&pi=t.ma~as.3175488137&w=336&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319599&bpp=1&bdt=1275&idt=1&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280%2C300x600&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=3901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=jWuEFoM6Mx&p=https%3A//newsoku.blog&dtd=5
Frame ID: D22695148AF49A8842AEECB2C5F686D3
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Frame ID: BCD8DB6DAEC467972042F2002D33CBD4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 14C232480755BCD6B59347937838CB7B
Requests: 2 HTTP requests in this frame

Frame: https://p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 738864099476D91B0218BEF1A6F9BB38
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Frame ID: 90062C709B81EE2597A083D2A49568EB
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 5697BCADDFBE1D8C3F181E6EA4079762
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Frame ID: 630FB5B0FBEB57C6176000512CF74F17
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Frame ID: C2CF708E52DEA4114FD72F3CE296A3ED
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 697CDC010EF82BE0A1D56424417844B3
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: F34D2BD5BFC4E0A1B2B78D807C20BED0
Requests: 9 HTTP requests in this frame

Frame: https://cdn-fluct.sh.adingo.jp/f.js?G=1000090646
Frame ID: 7326807F02A956F8C82C4AE331D26E1E
Requests: 3 HTTP requests in this frame

Frame: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 100A05679A852CB152B6917545C1A833
Requests: 1 HTTP requests in this frame

Frame: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4F2579F90BC8353E7DBBFE1ED5833E9D
Requests: 1 HTTP requests in this frame

Frame: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 75439056F0AA901F7F3164E4ECD870E3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 514E88D12130A8458BDD1965F2C02089
Requests: 9 HTTP requests in this frame

Frame: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6B43267719F6C3F4D7EFAFC1F249FA15
Requests: 18 HTTP requests in this frame

Frame: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DA847618C4820EC81A03354533A8DBF4
Requests: 16 HTTP requests in this frame

Frame: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 175E87BD16B8543231DC6FBC3ED48D5B
Requests: 15 HTTP requests in this frame

Frame: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: B34D70F68FB0979104F1CDC022455E54
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 44918FEF9AADC275F9763E741F45B7F5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 00BDF7F586A5F59B40B57381400D8EFD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7BFC8F007D1B5B7FFCB890FCEC802B0A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CFB8BF36ECFA086A3F16A5361F67E339
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1AEC881A5800068BED612F0ABC37E86C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CADA22ACF73D184C03EADAE3D4CA421E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6171C497CFF4B7911171E3BE6DCD2A4E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AB5DEF34ED1F25C706D61E97F9829E65
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D84839BDE1C58A0979B8B26E9846A6B1
Requests: 9 HTTP requests in this frame

Frame: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F790C2C5E5BEED327BB8E2D34ECECEE3
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: DDF4FB292E0F4F431A9E77949E2C11B6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9A086EE04E74F1591FC1D93904F9244
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 53F10728E0CDCF60F062E6AFE99109C1
Requests: 9 HTTP requests in this frame

Frame: https://cdn-fluct.sh.adingo.jp/nativead/brain.js
Frame ID: FFDA499BE09786823CD9D5E154BF55C9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0CE3A562D49C2D39C10A0B04969A466C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E8F0475816BB5F23C7FE61B71AA38CF7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

354
Requests

99 %
HTTPS

41 %
IPv6

51
Domains

77
Subdomains

46
IPs

10
Countries

3439 kB
Transfer

8543 kB
Size

1
Cookies

118 Outgoing links

These are links going to different origins than the main page.

URL: http://newpuru.doorblog.jp/
Title: ★にゅーぷる

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/
Title: ★とろたまヘッドライン

Search URL Search Domain Scan URL

URL: https://2channeler.com/
Title: ねらーアンテナ

Search URL Search Domain Scan URL

URL: http://tokkaban.com/
Title: 激安特価板

Search URL Search Domain Scan URL

URL: https://newser.cc/
Title: NEWS人

Search URL Search Domain Scan URL

URL: https://mtmx.jp/
Title: まとめくすアンテナ

Search URL Search Domain Scan URL

URL: http://news-choice.net/
Title: NEWS CHOICE

Search URL Search Domain Scan URL

URL: http://webnew.net/
Title: WEBNEW

Search URL Search Domain Scan URL

URL: http://news-three-stars.net/
Title: ニュース星3つ！

Search URL Search Domain Scan URL

URL: https://blogroll.livedoor.net/ad_redirect?ad_id=59417&channel_id=238586
Title: “指が3本”の高校生がバイト先で言われた事

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1379&cate=20&date=1627960025
Title: ロシアのミグ設計局が第5世代の艦載戦闘機開発を開始、STOVL型の開発も検討！

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1379&cate=20&date=1627981313
Title: 後頭部に「バンド」を貼った金正恩委員長！

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1377&cate=20&date=1627959392
Title: 【国際】韓国人の家、日本人の家より27％も狭かった

Search URL Search Domain Scan URL

URL: https://ii-antenna.net/?category=news&id=5008819
Title: ワイ、qbハウスを使ってるだけでチー牛扱いされる

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1645&cate=20&date=1627963252
Title: 【緊急】中国に世界各国に天文学的賠償請求か　米下院外交委員会で報告書公表「新型コロナは武漢ウイルス研究所から流出」ほぼ確定路線に

Search URL Search Domain Scan URL

URL: http://giko-antenna.com/archives/1334226.html
Title: 【悲報】運営「馬術の障害物を日本っぽくダルマにしたろｗ大ウケやろなぁ」 →馬が怖がり失敗続出 →撤去されてしまう

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803232010
Title: 【悲報】首都圏4知事「夏休みやお盆での旅行・帰省は中止にして！！」

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803235003
Title: 【悲報】人を傷つけないお笑い「ない」

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583073&code=210803144&category_id=2
Title: 韓国代表の「福島食材忌避」に日本政府が韓国政府に申し入れ……「風評被害を許さない」という強い立場を堅持

Search URL Search Domain Scan URL

URL: http://news-choice.net/news/202108032357.11989014.html
Title: 【悲報】バッハ会長、日本の取材を1分で打ち切り!!! 中国に対してはメディアセンターに出向いて長時間取材

Search URL Search Domain Scan URL

URL: https://mtmx.jp/posts/2926376375436705792
Title: 【悲報】有名ゲームデザイナー神谷氏、加藤純一を痛烈批判

Search URL Search Domain Scan URL

URL: http://besttrendnews.net/news/202108032354.11989787.html
Title: 【悲報】女さん、とんでもない場所で縦列駐車を試みるｗｗｗ

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324870.html?id=28647756&c=2ch&noadult=1
Title: 天下一品でラーメン食ってきたけどやべーなあれｗｗｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324870.html?id=28663934&c=news&noadult=1
Title: 放射能フリー弁当を日本政府から正式抗議された韓国が見苦しい歴史改竄で日本側を逆糾弾し始める

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324745.html?id=28663739&c=news&noadult=1
Title: 【教えて国民】蓮舫「総理と官邸を擁護する人を番組に呼ぶことそのもがどうなんでしょう」5ch「何言ってんだコイツ」

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324585.html?id=28663460&c=news&noadult=1
Title: 政府「頼むから、お盆の帰省は止めて下さい」

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324327.html?id=28662718&c=news&noadult=1
Title: トヨタ、ランドクルーザー生誕70周年で「40系」の重要機能部品復刻を公表！

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324186.html?id=28662715&c=news&noadult=1
Title: 【拡散】中国地下鉄沈没の生存者が証言「政府発表は嘘だ」（動画あり）

Search URL Search Domain Scan URL

URL: http://matometatta-news.net/news/202108032348.13879744.html
Title: 【速報】ビットコイン、今月も暴落

Search URL Search Domain Scan URL

URL: http://news-choice.net/news/202108032347.11989441.html
Title: 未だにクーラー付けずに扇風機で頑張ってる奴ｗｗｗ

Search URL Search Domain Scan URL

URL: http://konowaro.net/news/202108032347.9437352.html
Title: 自民党の事務局長を逮捕未成年少女を乗用車に連れ込み乱暴

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3582911&code=210803144&category_id=2
Title: A-10サンダーボルトⅡ攻撃機が、米国の高速道路で初めて離着陸をトレーニング！

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583150&code=210803144&category_id=2
Title: 【謎】満員電車「密集します！手すり触ります！汗臭いです！」 ← これでコロナにかからない理由

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583195&code=210803144&category_id=2
Title: 厚労相「酸素吸入が必要なやばい中等症でも、在宅で酸素吸入してね」

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583196&code=210803144&category_id=2
Title: 【東京五輪】サッカー日本代表がスペインに敗北 → 戦犯がこちらｗｗｗｗｗｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: http://news-three-stars.net/news/202108032345.13878957.html
Title: アストロゼネカ製コロナワクチン、緊急事態宣言地域に優先配布へ

Search URL Search Domain Scan URL

URL: http://antennabank.com/news/202108032344.13880007.html
Title: 【動画】岩手で空飛ぶタイヤ。走行中のジムニーからタイヤが外れて飛んでいってしまう車載。

Search URL Search Domain Scan URL

URL: https://matomechecker.net/pickup/814844
Title: 【五輪】ギリシャの幅跳び王者は日本のアニメ好き「DB、NARUTO、ワンピースが好き」

Search URL Search Domain Scan URL

URL: http://newser.cc/news/20210803?order=link&ni=3245076
Title: 日本が終わってんのって政治家が悪いんじゃなくて他

Search URL Search Domain Scan URL

URL: http://afo-news.com/news/202108032331.9436998.html
Title: アストロゼネカ製コロナワクチン、緊急事態宣言地域に優先配布へ

Search URL Search Domain Scan URL

URL: http://news.owata-net.com/feed/20210803115004/?d=pc&c=index
Title: F1ハンガリーGP：アルファタウリの角田「後半戦はコンスタントにポイントを獲得できるようにしたい」

Search URL Search Domain Scan URL

URL: http://webnew.net/news/202108032327.13878984.html
Title: イラン大統領の就任式で韓国高官が原油代金70億ドルの返済猶予を懇願する国辱的事態が進行中

Search URL Search Domain Scan URL

URL: http://news.owata-net.com/feed/20210803131353/?d=pc&c=index
Title: 【速報】中国、終わる

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803224010
Title: 台湾と外交関係持つパラグアイ、中国ワクチン供給契約を突然破棄される…中国当局当局の圧力か！

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803222510
Title: 【悲報】ワイ、過敏性腸症候群になり咽び泣く

Search URL Search Domain Scan URL

URL: http://news.owata-net.com/feed/20210803192810/?d=pc&c=index
Title: 【悲報】アストラゼネカ製ワクチンに驚きの情報・・・マジかよこれ・・・

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803213010
Title: 自民党の事務局長を逮捕　未成年少女を乗用車に連れ込み乱暴

Search URL Search Domain Scan URL

URL: http://news.owata-net.com/feed/20210803201215/?d=pc&c=index
Title: 【悲報】パラリンピック、中止へ・・・・・・・・・・

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1818&cate=10&date=1627998492
Title: 【悲報】従業員59人がコロナ感染するデパートが出現するｗｗｗｗ

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1818&cate=10&date=1627992796
Title: 逆転裁判さん、ヒロインが可愛すぎる件ｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: https://blogroll.livedoor.com/
Title: Powered by livedoor 相互RSS

Search URL Search Domain Scan URL

URL: https://blogroll.livedoor.net/ad_redirect?ad_id=59474&channel_id=238587
Title: “炭水化物×炭水化物” 存在感がすごいマンガ飯

Search URL Search Domain Scan URL

URL: https://warotanien.net/archives/27815
Title: 【朗報】ワイ、アルバイトで6500円ゲット！！ｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: https://warotanien.net/archives/27808
Title: 【悲報】従業員59人がコロナ感染するデパートが出現するｗｗｗｗ

Search URL Search Domain Scan URL

URL: https://ii-antenna.net/?category=sports&tag=soccer&id=5008747
Title: 【動画】吉田麻也のPK取り消しになったタックル、ヤバすぎｗｗｗｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: http://giko-antenna.com/archives/1334235.html
Title: 【衝撃】昨日メンヘラ彼女と別れた結果→こうなっていますｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1180&cate=0&date=1627911983
Title: 今週の「逃げ上手の若君」感想、信濃国司・清原信濃守が登場！一筋縄では行かなさそうな麻呂が出てきたな･･･【26話】

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210804000001
Title: 韓国政府が竹島モニタリングを強化にネットには不満の声多数「海兵隊を駐屯させるべき」！

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324585.html?id=28663382&c=2ch
Title: ワイリゾートバイト民の寮ｗｗｗｗｗｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803235502
Title: 【画像】イチローさん、引退して暇だからとブルペンキャッチャーもやり始めるwwwwwwwww

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1344&cate=0&date=1627999200
Title: 海外「日本はよくやってくれた！」アスリートが紹介する選手村の設備に外国人が感動

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1681&cate=0&date=1627931212
Title: 【画像】これ以上ないってくらい最恐の心霊写真、見つかってしまう・・・

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1180&cate=0&date=1627938103
Title: 鬼滅の刃スピンオフ「キメツ学園！」新連載決定！最強ジャンプ９月号でスタート！

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583196&code=210803144
Title: 【東京五輪】サッカー日本代表がスペインに敗北 → 戦犯がこちらｗｗｗｗｗｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: http://news-choice.net/202108032357.11989143.html
Title: 【速報】卓球女子団体、日本つえええ…!!!

Search URL Search Domain Scan URL

URL: https://2channeler.com/pick.cgi?code=1678&cate=0&date=1627948834
Title: シンフォギア登場前にシンフォギアスペックの台ってあったの？

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324745.html?id=28663547&c=news
Title: アストロゼネカ製コロナワクチン、緊急事態宣言地域に優先配布へ

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324463.html?id=28663049&c=news
Title: 後頭部に「バンド」を貼った金正恩委員長！

Search URL Search Domain Scan URL

URL: http://newpuru.doorblog.jp/archives/58324327.html?id=28662387&c=news
Title: 文在寅がK防疫の勝利を再宣言した直後にデルタプラスの国内初感染が確認されるコントじみた事態が発生

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803232001
Title: 【悲報】首都圏4知事「夏休みやお盆での旅行・帰省は中止にして！！」

Search URL Search Domain Scan URL

URL: http://matometatta-news.net/202108032348.13873876.html
Title: 海外「また日本に泣かされた」東京五輪のブーケに込められた日本人の想いに外国人が涙

Search URL Search Domain Scan URL

URL: http://konowaro.net/202108032347.9437487.html
Title: 【画像】呪術廻戦、パクっているのではなく意図しないオマージュだったことが判明

Search URL Search Domain Scan URL

URL: http://news-choice.net/202108032347.11988945.html
Title: 【東京五輪】体操鉄棒・金メダルの橋本大輝選手、君が代「しっかり歌った。日本代表として誇りをもってやっていきたいと思った」

Search URL Search Domain Scan URL

URL: http://news-three-stars.net/202108032345.13879132.html
Title: MBC、また東京五輪関連の放送でミス「サッカー、野球は負けて、バレーだけ勝ったが？」＝韓国の反応

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583149&code=210803144
Title: 【動画】岩手で空飛ぶタイヤ。走行中のジムニーからタイヤが外れて飛んでいってしまう車載。

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583195&code=210803144
Title: 厚労相「酸素吸入が必要なやばい中等症でも、在宅で酸素吸入してね」

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583199&code=210803144
Title: 【悲報】ワイ、過敏性腸症候群になり咽び泣く

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583200&code=210803144
Title: 【速報】2021年PS5ソフト売り上げランキングがヤバすぎる……

Search URL Search Domain Scan URL

URL: http://antennabank.com/202108032344.13879876.html
Title: 【衝撃】くず鉄製錬溶鉱炉に男性作業員が落ちてしまう衝撃映像。

Search URL Search Domain Scan URL

URL: http://besttrendnews.net/202108032344.11989065.html
Title: 私「女子会行ってくる」彼「俺も行く！俺、盛り上げるよ！」私「女子会だから無理でしょ...」→ しつこく言うので折れてダブルデートを組んだら…

Search URL Search Domain Scan URL

URL: http://afo-news.com/202108032341.9437654.html
Title: 【画像】セーラームーンの拘束シーン、いま見ても興奮するｗｗｗ

Search URL Search Domain Scan URL

URL: http://webnew.net/202108032327.13879030.html
Title: 【狂気】ディズニーランドの職員はコレをやった瞬間クビになるらしい…ヤバすぎ…

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803224001
Title: 台湾と外交関係持つパラグアイ、中国ワクチン供給契約を突然破棄される…中国当局当局の圧力か！

Search URL Search Domain Scan URL

URL: https://matomechecker.net/pickup/814802
Title: 【速報】園児バス死亡、とんでもない状況証拠が明らかになり急展開へ。

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803222501
Title: 【悲報】ワイ、過敏性腸症候群になり咽び泣く

Search URL Search Domain Scan URL

URL: https://headline.mtfj.net/feed/210803213001
Title: 自民党の事務局長を逮捕　未成年少女を乗用車に連れ込み乱暴

Search URL Search Domain Scan URL

URL: https://blogroll.livedoor.net/ad_redirect?ad_id=59344&channel_id=273702
Title: メールで届いたファイル名が「奇跡のような文字化け」だった

Search URL Search Domain Scan URL

URL: https://matomechecker.net/pickup/814833
Title: なんでそんなことを・・・。未来の人間たちが軽蔑すると思われる現代の私たちの行動とは何でしょう？海外の反応

Search URL Search Domain Scan URL

URL: https://mtmx.jp/posts/2926366089019392000
Title: すみれ「皆出番があっていいわね」４人「...」【ラブライブ！スーパースター!!】

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3582993&code=210803141&category_id=6
Title: もうすぐ君、25才になるんだよ…。

Search URL Search Domain Scan URL

URL: http://tokkaban.com/?article_id=3583076&code=210803141&category_id=6
Title: 【苦痛】休みになると義実家に呼ぶトメ「一緒におでかけしましょ♪」私「はい..（頻繁に顔を出してるのにまだ足りねーのかな？」→後日、トメからLINEがきて・・・

Search URL Search Domain Scan URL

URL: https://mtmx.jp/posts/2926365831275216896
Title: 脱毛エステ・プライベートサロンで働く女性の口説き方

Search URL Search Domain Scan URL

URL: https://0matome.com/p/p1428182b2f232a2eafd5f382879e70c9.html
Title: これどんな競技？お尻を床につけながら前脚だけで移動する猫

Search URL Search Domain Scan URL

URL: https://mtmx.jp/posts/2926359182686814208
Title: 【悲報】従業員59人がコロナ感染するデパートが出現するｗｗｗｗ

Search URL Search Domain Scan URL

URL: http://2chnavi.net/headline/2021080313
Title: 【絶望】隣の家にDQNが引っ越してきてこうなったｗｗｗｗｗｗ他

Search URL Search Domain Scan URL

URL: http://news.owata-net.com/feed/20210802235920/?d=pc&c=index
Title: 太平洋戦争末期の激戦地、硫黄島で戦死した日本兵の郵便貯金通帳が遺族に返還される！

Search URL Search Domain Scan URL

URL: https://new2.jp/feeds/b1f6f57c
Title: 稲垣香織ちゃんと結婚出来るが婿養子にならなければならないボタン←押す？

Search URL Search Domain Scan URL

URL: https://brave.com/ja/
Title: BraveBrowser

Search URL Search Domain Scan URL

URL: https://twitter.com/newsoku_blog
Title: 【ツイッター】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107598
Title:

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107601
Title: 【AMAZON】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887084656&vc_url=https%3A%2F%2Fwww.amazon.co.jp%2Fgp%2Fgoldbox%3Ftag%3Dvc-22%26linkCode%3Dure
Title: 【AMAZON タイムセール一覧】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887084656&vc_url=https%3A%2F%2Fwww.amazon.co.jp%2Fb%2F%3Fie%3DUTF8%26node%3D6026699051%26tag%3Dvc-22%26linkCode%3Dure
Title: 【AMAZON 在庫処分セール一覧】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887084656&vc_url=https%3A%2F%2Fwww.amazon.co.jp%2FAmazon-Video%2Fb%2F%3Fie%3DUTF8%26node%3D2351649051%26tag%3Dvc-22%26linkCode%3Dure
Title: 【AMAZON プライムビデオ一覧】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107608
Title:

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107610
Title: 【楽天市場】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107615
Title: 【楽天 kobo】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107611
Title: 【楽天トラベル】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107612
Title: 【楽天 GORA】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107620
Title:

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107622
Title: 【Yahoo! ショッピング】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107630
Title: 【PayPay モール】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107638
Title:

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107639
Title: 【セブンネットショッピング】

Search URL Search Domain Scan URL

URL: https://ck.jp.ap.valuecommerce.com/servlet/referral?sid=3586186&pid=887107643
Title: 【イトーヨーカドーネット通販】

Search URL Search Domain Scan URL

URL: https://blogmura.com/ranking/in?p_cid=10975451

Search URL Search Domain Scan URL

URL: https://blog.with2.net/link/?id=1992429

Search URL Search Domain Scan URL

URL: https://counter.fc2.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://j.microad.net/js/compass.js HTTP 302
https://jgl.microad.net/js/compass.js

Request Chain 6

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107598 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 7

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107601 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 8

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887084656 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 9

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107608 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 10

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107610 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 11

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107615 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 12

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107611 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 13

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107612 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 14

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107620 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 15

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107622 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 16

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107630 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 17

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107638 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 18

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107639 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 19

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107643 HTTP 302
https://i.imgvc.com/vc/images/1x1.gif

Request Chain 169

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 291

https://fksnk.com/cs/google?google_gid=CAESEGaC3vReBBkHROP5FNrLibk&google_cver=1&google_push=AYg5qPLwdEYjCtpNk3xVNpXlRbZqhu3xYodgKaLnO_y8RpR1f3E8Eld-YcJNJhN6dvVcfa13BdMIwyQ9FHh-x0G7CdfOGojgqpPc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzIzQjBGOUIxMjlBQjA5OQ==

Request Chain 293

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEDVW2KkYh6gNy-iGtBJ2NAU&google_cver=1&google_push=AYg5qPKFAqfcCt9Bpd8eH-sQ08MR7gyURIq6Ka-b2d65U9P_hk8Aa5GuG6ygKEMbl5FrkU6DyTAsT4MJGBr0a5U8q32tql59Zuwk HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEDVW2KkYh6gNy-iGtBJ2NAU&google_cver=1&google_push=AYg5qPKFAqfcCt9Bpd8eH-sQ08MR7gyURIq6Ka-b2d65U9P_hk8Aa5GuG6ygKEMbl5FrkU6DyTAsT4MJGBr0a5U8q32tql59Zuwk&prevuid=03030003_61095bfa3e620&knw=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPKFAqfcCt9Bpd8eH-sQ08MR7gyURIq6Ka-b2d65U9P_hk8Aa5GuG6ygKEMbl5FrkU6DyTAsT4MJGBr0a5U8q32tql59Zuwk&google_hm=MDMwMzAwMDNfNjEwOTViZmEzZTYyMA%3D%3D

Request Chain 294

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEJtt6_8YRsorL9IzrA_2CRs&google_cver=1&google_push=AYg5qPIkzA_eSuopm1hjaLZgbOs_0hTZMhnojNzLmhLm-ZCEzlrZ2FtfglMCfKERZO7Rz5JyDxAYz4mpd86F2IJGY-qziExFZQg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIkzA_eSuopm1hjaLZgbOs_0hTZMhnojNzLmhLm-ZCEzlrZ2FtfglMCfKERZO7Rz5JyDxAYz4mpd86F2IJGY-qziExFZQg&google_hm=QWVyMTgxTkNEZ1p6UUZyQzlNSU5CRUE=

Request Chain 295

https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESELPmMCkhVd225Y6IZDUUnNc&google_cver=1&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24&google_tc=

Request Chain 296

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEPQHws8MWvy82Q_8v5m-2NI&google_cver=1&google_push=AYg5qPLYjInesLvvS-gP3lPmTcN03ULKPOppoPx5eRRy0maQOvHy92prVIiuzPl_R4Oypqs-_JBK_8HkkS6kqXTG62E5Bk-DbmyWIg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NzcxYmU3M2MtOTMwOS00MDA2LWE5OGYtY2MxY2Y1ZGVmZjc3&google_push=AYg5qPLYjInesLvvS-gP3lPmTcN03ULKPOppoPx5eRRy0maQOvHy92prVIiuzPl_R4Oypqs-_JBK_8HkkS6kqXTG62E5Bk-DbmyWIg

Request Chain 298

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDkWjr0QVsaVlgOZD9WV3LU&google_cver=1&google_push=AYg5qPJH2FOrkHWOJCNOYJ3JwujtPO56Vh4TexHbHxKTS27yGX0lhUBDWN7mHzrc49ZGaRMMB1atDHYRr4JgwMZtowRzQ01qJOM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM4MDU0MzUxNDY2NDkyNjAyNA== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEDkWjr0QVsaVlgOZD9WV3LU&google_cver=1

Request Chain 300

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEO1phy1CP7J0SbwFDF6-N1w&google_cver=1&google_push=AYg5qPLXfuqvd--h5u9naBTkZmLdJAUzkXuU0tsssMD7ah0F7eIMErgwNXLe-hSR2mk-sanZ4Js9e0brJm8_b8FXT61yyEdExQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPLXfuqvd--h5u9naBTkZmLdJAUzkXuU0tsssMD7ah0F7eIMErgwNXLe-hSR2mk-sanZ4Js9e0brJm8_b8FXT61yyEdExQ

Request Chain 301

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDETQeM7fr2KMezEERmTkWE&google_cver=1&google_push=AYg5qPIg8eJ4BO-TTolYD1y0cUDKO6rHZVx4I4dtQRqIW3Sluvemz3krRiURxJl0LNYhpDcFfY4RL-TKYOu4gT5f3hgm6NIGnQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIg8eJ4BO-TTolYD1y0cUDKO6rHZVx4I4dtQRqIW3Sluvemz3krRiURxJl0LNYhpDcFfY4RL-TKYOu4gT5f3hgm6NIGnQ&google_hm=TKJi2xcvR_yi0pxgvhXbsOQ

Request Chain 302

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEIPo3yXizME8xudPHaj92-I&google_cver=1&google_push=AYg5qPLDrrWYv1TmYLi745sARr2ZCSIKiTLKQfiXEfAM6no353m2Jy69sMdg0ssHdLnyiawFtr3dya_oCPIH3tQWxPlqoNWe21o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPLDrrWYv1TmYLi745sARr2ZCSIKiTLKQfiXEfAM6no353m2Jy69sMdg0ssHdLnyiawFtr3dya_oCPIH3tQWxPlqoNWe21o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPLDrrWYv1TmYLi745sARr2ZCSIKiTLKQfiXEfAM6no353m2Jy69sMdg0ssHdLnyiawFtr3dya_oCPIH3tQWxPlqoNWe21o&google_tc=

Request Chain 303

https://rtb.openx.net/sync/dds?google_gid=CAESEI3s3WqNkphD9Vc8wDiipWw&google_cver=1&google_push=AYg5qPKh1DKDnUZTYuFDPw-ywKKbj5fQV5rjktZP0nz1NmQRC9HefqYo-e7RQmnNIT8n6-xSqvQs3fGzoFnqztej7Ix0cqmpnxI HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEI3s3WqNkphD9Vc8wDiipWw&google_cver=1&google_push=AYg5qPKh1DKDnUZTYuFDPw-ywKKbj5fQV5rjktZP0nz1NmQRC9HefqYo-e7RQmnNIT8n6-xSqvQs3fGzoFnqztej7Ix0cqmpnxI&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKh1DKDnUZTYuFDPw-ywKKbj5fQV5rjktZP0nz1NmQRC9HefqYo-e7RQmnNIT8n6-xSqvQs3fGzoFnqztej7Ix0cqmpnxI&google_hm=6v3pZf-KwXQLsGvfLcCimw==

Request Chain 304

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECTJ2LJAQu4febL1tAw5QBg&google_cver=1&google_push=AYg5qPK6fbu1CsOOdO1XX2fOjzoMXU6SVVLcNLIYrGqwojsVhmbdhsH_q773Ws3wPDE4CMy1s9h43u9x_WbcGQgiyTH06wDciDE HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e4744920-7288-4916-ab99-53044d047961-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPK6fbu1CsOOdO1XX2fOjzoMXU6SVVLcNLIYrGqwojsVhmbdhsH_q773Ws3wPDE4CMy1s9h43u9x_WbcGQgiyTH06wDciDE%26google_hm%3DA-R0SSByiEkWq5lTBE0EeWE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK6fbu1CsOOdO1XX2fOjzoMXU6SVVLcNLIYrGqwojsVhmbdhsH_q773Ws3wPDE4CMy1s9h43u9x_WbcGQgiyTH06wDciDE&google_hm=A-R0SSByiEkWq5lTBE0EeWE

Request Chain 320

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJk9u2j1bCcSRKWDOEeLOQE&google_cver=1&google_push=AYg5qPJr4LqcBYF8NpPWE9dRnO_MmCrHDrqvkwa_ZFbb3G3ybmnKr8hrOl8HZK2B3g9i8kZUNmr1QQXUhToO7z42a3oOQfi60j7- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5MjIyMTAyNTc3NjY5NTQ0MA%3D%3D&google_push=AYg5qPJr4LqcBYF8NpPWE9dRnO_MmCrHDrqvkwa_ZFbb3G3ybmnKr8hrOl8HZK2B3g9i8kZUNmr1QQXUhToO7z42a3oOQfi60j7-

Request Chain 321

https://a.c.appier.net/gcm?google_gid=CAESEEQP1Pl1Guz9IpNVAe10Jd4&google_cver=1&google_push=AYg5qPK0KcAH_kLi-_31Qx2djXEm9opDGsVK-gGo9IBiRUrScqwmvyQthhqSWkywrNozvRS87whK_aP6Lqw24xqdVaGq8EZGDVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=N0ZRNFBmWWRETmVxVGM0RC1sc0pZUQ%3D%3D&google_push=AYg5qPK0KcAH_kLi-_31Qx2djXEm9opDGsVK-gGo9IBiRUrScqwmvyQthhqSWkywrNozvRS87whK_aP6Lqw24xqdVaGq8EZGDVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=N0ZRNFBmWWRETmVxVGM0RC1sc0pZUQ%3D%3D&google_push=AYg5qPK0KcAH_kLi-_31Qx2djXEm9opDGsVK-gGo9IBiRUrScqwmvyQthhqSWkywrNozvRS87whK_aP6Lqw24xqdVaGq8EZGDVA&google_tc=

Request Chain 322

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEK1Ueh4WFOqVa-Dm7cjy1fM&google_cver=1&google_push=AYg5qPKucJsfWiRu-aZoX_N3N6BsNAyC3yvZsgD8ozVF7d_GV-90JIHjZNcQV3glwxqsLQYsQH4Rv4ed1NQXh8CD2Efs78D6OlLI HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEK1Ueh4WFOqVa-Dm7cjy1fM&google_cver=1&google_push=AYg5qPKucJsfWiRu-aZoX_N3N6BsNAyC3yvZsgD8ozVF7d_GV-90JIHjZNcQV3glwxqsLQYsQH4Rv4ed1NQXh8CD2Efs78D6OlLI HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=fb070cd9-49bc-4f74-ab51-b8ec3f7ac5d6&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKucJsfWiRu-aZoX_N3N6BsNAyC3yvZsgD8ozVF7d_GV-90JIHjZNcQV3glwxqsLQYsQH4Rv4ed1NQXh8CD2Efs78D6OlLI&google_hm=ZnbOZkCqTEix_Lb_X6xBow==

Request Chain 323

https://rtb.openx.net/sync/dds?google_gid=CAESEI3s3WqNkphD9Vc8wDiipWw&google_cver=1&google_push=AYg5qPKSjr9J1sqvbI29so1nODbgH3kWdmIya23AS4M9H6fhUO3xlDw61NbPiWx4buZwxAE-D4TCF7ehBGBDNV28E_0Yoctn7zQT HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEI3s3WqNkphD9Vc8wDiipWw&google_cver=1&google_push=AYg5qPKSjr9J1sqvbI29so1nODbgH3kWdmIya23AS4M9H6fhUO3xlDw61NbPiWx4buZwxAE-D4TCF7ehBGBDNV28E_0Yoctn7zQT&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKSjr9J1sqvbI29so1nODbgH3kWdmIya23AS4M9H6fhUO3xlDw61NbPiWx4buZwxAE-D4TCF7ehBGBDNV28E_0Yoctn7zQT&google_hm=6v3pZf-KwXQLsGvfLcCimw==

Request Chain 324

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGp_F0jj8F58h-UVLnRBXG8&google_cver=1&google_push=AYg5qPJN9VCWOlff8KjvxrVFS0kv6oq4q3td-Y1DFLN4qbsc1m0hs8K7wG3Nlxpznm0KGYoRfrF28OAL5jnpRBrXohoiykNXLvTY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=FET8ZBpBSAt4Aj82xniedLnsyeQ&google_push=AYg5qPJN9VCWOlff8KjvxrVFS0kv6oq4q3td-Y1DFLN4qbsc1m0hs8K7wG3Nlxpznm0KGYoRfrF28OAL5jnpRBrXohoiykNXLvTY

Request Chain 325

https://ads.avads.net/sync/ggl?google_gid=CAESEI-iE6scQx2bWknEn2I_6kw&google_cver=1&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA HTTP 302
https://ads.avads.net/sync/ggl?google_gid=CAESEI-iE6scQx2bWknEn2I_6kw&google_cver=1&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA&av_tc=True HTTP 302
https://ads.avads.net/sync/ggl?google_gid=CAESEI-iE6scQx2bWknEn2I_6kw&google_cver=1&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA&google_tc=

Request Chain 339

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGpiJdtKzjTghLMDDWm7Yl0&google_cver=1&google_push=AYg5qPKZq1So85YvxwoNXvoihFFeZyZ-OGY7gQFKMxj91yG2GBIBmCqMqPO1W1-oStbq2YnjO2vA4_nvzb_GSQ82udbtlT_QKrdh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKZq1So85YvxwoNXvoihFFeZyZ-OGY7gQFKMxj91yG2GBIBmCqMqPO1W1-oStbq2YnjO2vA4_nvzb_GSQ82udbtlT_QKrdh

Request Chain 340

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDETQeM7fr2KMezEERmTkWE&google_cver=1&google_push=AYg5qPK7LfFK0Codshoaiwdag65u1NIywPTAajUYgO2zr034SpfUhTlCvrq2EBEF8IffAnPW41hjYT0gZ-QZg-yg7nw-Eq2dN4SVzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK7LfFK0Codshoaiwdag65u1NIywPTAajUYgO2zr034SpfUhTlCvrq2EBEF8IffAnPW41hjYT0gZ-QZg-yg7nw-Eq2dN4SVzQ&google_hm=TKJi2xcvR_yi0pxgvhXbsOQ

Request Chain 341

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEDVW2KkYh6gNy-iGtBJ2NAU&google_cver=1&google_push=AYg5qPLQDAK_b-RjLHDmUVkBoGDl61poRKFlsDtkcwc2RgOCV7RZg7v4LbqA9eLKkIO2KEz2LHekebwlAEw-VX2ZeIuf8Nsg6---HQ HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEDVW2KkYh6gNy-iGtBJ2NAU&google_cver=1&google_push=AYg5qPLQDAK_b-RjLHDmUVkBoGDl61poRKFlsDtkcwc2RgOCV7RZg7v4LbqA9eLKkIO2KEz2LHekebwlAEw-VX2ZeIuf8Nsg6---HQ&prevuid=03030003_61095bfa3e620&knw=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLQDAK_b-RjLHDmUVkBoGDl61poRKFlsDtkcwc2RgOCV7RZg7v4LbqA9eLKkIO2KEz2LHekebwlAEw-VX2ZeIuf8Nsg6---HQ&google_hm=MDMwMzAwMDNfNjEwOTViZmEzZTYyMA%3D%3D

Request Chain 342

https://ads.yieldmo.com/exptsync?google_gid=CAESEO6oeUkEkU5QYVWAdk0vUKE&google_cver=1&google_push=AYg5qPKeD783LI9yQqNUjeypi546h-ohZJLRlX0BNN4QgcGFIbt1eLKa5ZBwZOXPWYqx83JLnWQvPZslUUTSblJMr2XRV7dfWsFlXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPKeD783LI9yQqNUjeypi546h-ohZJLRlX0BNN4QgcGFIbt1eLKa5ZBwZOXPWYqx83JLnWQvPZslUUTSblJMr2XRV7dfWsFlXw&google_hm=Z2IwMDJkYTA0YTFkNzNkMDljNjY= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPKeD783LI9yQqNUjeypi546h-ohZJLRlX0BNN4QgcGFIbt1eLKa5ZBwZOXPWYqx83JLnWQvPZslUUTSblJMr2XRV7dfWsFlXw&google_hm=Z2IwMDJkYTA0YTFkNzNkMDljNjY=&google_tc=

Request Chain 343

https://match.360yield.com/match/ebda?google_gid=CAESENAmIAzA5NQrHf3iHYKkxHA&google_cver=1&google_push=AYg5qPIw1mDuWCAFwYx3IhuKigoW8bn4GayAFEw5VEQcY9p2jxxU8OmMQeuuuz8IFHEM8UVMSUjQr0BzN4WfPpxst2Oa2pl-WTW2 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENAmIAzA5NQrHf3iHYKkxHA&google_cver=1&google_push=AYg5qPIw1mDuWCAFwYx3IhuKigoW8bn4GayAFEw5VEQcY9p2jxxU8OmMQeuuuz8IFHEM8UVMSUjQr0BzN4WfPpxst2Oa2pl-WTW2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=LhTk0EaGTmCbJCO5yS7bXg&google_push=AYg5qPIw1mDuWCAFwYx3IhuKigoW8bn4GayAFEw5VEQcY9p2jxxU8OmMQeuuuz8IFHEM8UVMSUjQr0BzN4WfPpxst2Oa2pl-WTW2

Request Chain 344

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDptXZxin7-t85WCeqEcTNw&google_cver=1&google_push=AYg5qPK6mWFSSdOzvylNsIjznTJu0I74y0bo6H56QwgCgm-eikkTY8qTxAfccva_IXLvl8yQpmbjSi5c9Xy7RkAuxfF-mct62JrI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPK6mWFSSdOzvylNsIjznTJu0I74y0bo6H56QwgCgm-eikkTY8qTxAfccva_IXLvl8yQpmbjSi5c9Xy7RkAuxfF-mct62JrI&google_hm=NzYxNDkyMjE2MDY5OTczOTI4NQ%3D%3D

Request Chain 345

https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESECxk4t0McdC97EA8Oi6ZTNs&google_cver=1&google_push=AYg5qPJ8jEn7cWnMHCjhqtJeTKQ2nACRarYo8p-ZTXX2DAL1_cmWH57M0PAlm6gUkvUEMh2aJCC4TF8_ym_PeS68xwMzjUw2ZsCzvW8 HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Db58f3a2f-7158-4c53-b20e-359931165edd%26google_push%3DAYg5qPJ8jEn7cWnMHCjhqtJeTKQ2nACRarYo8p-ZTXX2DAL1_cmWH57M0PAlm6gUkvUEMh2aJCC4TF8_ym_PeS68xwMzjUw2ZsCzvW8&ssp=googlevid&exu=CAESECxk4t0McdC97EA8Oi6ZTNs HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=b58f3a2f-7158-4c53-b20e-359931165edd&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Db58f3a2f-7158-4c53-b20e-359931165edd%26google_push%3DAYg5qPJ8jEn7cWnMHCjhqtJeTKQ2nACRarYo8p-ZTXX2DAL1_cmWH57M0PAlm6gUkvUEMh2aJCC4TF8_ym_PeS68xwMzjUw2ZsCzvW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=b58f3a2f-7158-4c53-b20e-359931165edd&google_push=AYg5qPJ8jEn7cWnMHCjhqtJeTKQ2nACRarYo8p-ZTXX2DAL1_cmWH57M0PAlm6gUkvUEMh2aJCC4TF8_ym_PeS68xwMzjUw2ZsCzvW8

354 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
newsoku.blog/ 281 KB
53 KB 1115ms
1083ms Document
text/html 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

693bb2b202a2371b7c81e4968f24e5c70beeef526953941e5b9f3aa964f42d19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: newsoku.blog
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:38 GMT
content-type: text/html; charset=UTF-8
x-f-cache: BYPASS
x-signature: KUSANAGI
referrer-policy: unsafe-url
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 03 Aug 2021 15:08:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4Pw6ikDt1LSufjOa4jcXOBYCan46XomXa6aluQm80y6UIgAzxQ8LzK2wpC8e1cdIw9V8bscstlq6uTX9MuXgiIIcOjCq93wffKID0UdO%2BUvubJhoHlD6OCV35aAIsMeY2EBmVJzc9Dbdqo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6790765cbf87176a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 hdd2r.js Show response
newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/ 87 KB
32 KB 33ms
19ms Script
application/javascript 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dac43ee603984a0cc147709cfa5c93cd3d42ea34dd2af211469fabfeacaf230c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 75948
cf-polished: origSize=89433
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Aug 2021 18:01:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"610832ed-15d59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWtSEN5LF936d%2Bx%2BMIK2t6Kqm78mLhOeGKwUWqkm26UveBS8AuGsxEiCrxsoyL6FLp%2BRyYPPaKw45VrU1bOsu%2FOOJQHjmPjZcg1KyvFO%2B3%2Bdhr2x607I5tbI5aQelV7wwBkP0yfr7baZC5E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 679076653d3f05dc-FRA
expires: Wed, 03 Aug 2022 15:08:38 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 70 KB
24 KB 28ms
28ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

2152e009f6f6a4b2cd233039b8cf3652dd9c7702462b0a92fe37654505a5d981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "947 / 284 of 1000 / last-modified: 1627988989"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24728
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
49 KB 47ms
42ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

951a39578447c900897fb1c1a5228bcfaa75ae369f88a491d9365a72fe373eb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49342
x-xss-protection: 0
server: cafe
etag: 13910504330065982742
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 15:08:38 GMT

GET
H/1.1

200
OK

compass.js Show response
jgl.microad.net/js/
Redirect Chain

https://j.microad.net/js/compass.js
https://jgl.microad.net/js/compass.js

82 KB
19 KB

119ms
46ms

Script
application/javascript

104.111.228.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jgl.microad.net/js/compass.js
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.228.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 13b4cb1e8f744dbc4085d2d55103bf1be6f2eefbdca1b7b78fd9447bfe279c95

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 07:57:22 GMT
Server: Apache
ETag: "14875"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 19519
Expires: Tue, 03 Aug 2021 15:08:38 GMT

Redirect headers

Location: https://jgl.microad.net/js/compass.js
Date: Tue, 03 Aug 2021 15:08:38 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 newsoku_logo.jpg
newsoku.blog/wp-content/uploads/2020/07/ 24 KB
24 KB 29ms
25ms Image
image/jpeg 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2020/07/newsoku_logo.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47c010865dd2f8ca816ba441d757b2bd4b3bf4f615b8b682cca0e6f2670361d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/07/newsoku_logo.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94167
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24478
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Jul 2020 12:50:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f119e7e-5f9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQuE2KG89abLA9o8np2qO5wQplUZxXFOsc9A0b8hwpUw%2BXnRgHoXvvMLXmDVZNV4z0u%2FFROD2K0fW1vNjNE8ZbzSPk5nHf8F4rWms92clVCYtmegY6K8QZNIeDfZ%2B7tkmycjbS6cHffeB%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 679076658dfd05dc-FRA
expires: Wed, 03 Aug 2022 15:08:38 GMT

GET
H/1.1 200
OK blogroll.js Show response
blogroll.livedoor.net/js/ 15 KB
4 KB 736ms
243ms Script
application/javascript 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogroll.livedoor.net/js/blogroll.js
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: 0d80f3242f87172d31de75947d120ff8da9caf53b5827e5ca96c2bce0daaad19

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jan 2021 08:53:43 GMT
Server: nginx
ETag: W/"6007ef97-3ca8"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=3

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107598
https://i.imgvc.com/vc/images/1x1.gif

43 B
116 B

321ms
8ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
via: 1.1 varnish
age: 218
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19146-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003321.651055,VS0,VE1
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 5

Redirect headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107601
https://i.imgvc.com/vc/images/1x1.gif

43 B
620 B

319ms
6ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
via: 1.1 varnish
age: 218
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19146-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003321.651310,VS0,VE1
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 6

Redirect headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887084656
https://i.imgvc.com/vc/images/1x1.gif

43 B
112 B

320ms
7ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
via: 1.1 varnish
age: 218
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19146-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003321.651288,VS0,VE1
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 6

Redirect headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107608
https://i.imgvc.com/vc/images/1x1.gif

43 B
112 B

320ms
8ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
via: 1.1 varnish
age: 218
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19146-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003321.651263,VS0,VE1
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 6

Redirect headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107610
https://i.imgvc.com/vc/images/1x1.gif

43 B
112 B

319ms
7ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
via: 1.1 varnish
age: 218
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19146-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003321.651243,VS0,VE1
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 6

Redirect headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107615
https://i.imgvc.com/vc/images/1x1.gif

43 B
112 B

319ms
7ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
via: 1.1 varnish
age: 218
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19146-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003321.651215,VS0,VE1
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 6

Redirect headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107611
https://i.imgvc.com/vc/images/1x1.gif

43 B
607 B

7ms
6ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
via: 1.1 varnish
age: 218
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19146-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003321.969955,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 10

Redirect headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107612
https://i.imgvc.com/vc/images/1x1.gif

43 B
116 B

7ms
6ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
via: 1.1 varnish
age: 218
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19146-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003321.969740,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 8

Redirect headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107620
https://i.imgvc.com/vc/images/1x1.gif

43 B
117 B

8ms
7ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
via: 1.1 varnish
age: 218
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19146-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003321.970182,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 12

Redirect headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107622
https://i.imgvc.com/vc/images/1x1.gif

43 B
117 B

8ms
7ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
via: 1.1 varnish
age: 218
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19146-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003321.970167,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 11

Redirect headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107630
https://i.imgvc.com/vc/images/1x1.gif

43 B
112 B

7ms
7ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
via: 1.1 varnish
age: 218
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19146-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003321.969929,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 10

Redirect headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107638
https://i.imgvc.com/vc/images/1x1.gif

43 B
116 B

6ms
6ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
via: 1.1 varnish
age: 218
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19146-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003321.969660,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 7

Redirect headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107639
https://i.imgvc.com/vc/images/1x1.gif

43 B
530 B

6ms
6ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
via: 1.1 varnish
age: 219
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19146-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003321.264986,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 14

Redirect headers

Date: Tue, 03 Aug 2021 15:08:41 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H2

200

1x1.gif
i.imgvc.com/vc/images/
Redirect Chain

https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3586186&pid=887107643
https://i.imgvc.com/vc/images/1x1.gif

43 B
143 B

6ms
6ms

Image
image/gif

2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgvc.com/vc/images/1x1.gif
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
via: 1.1 varnish
age: 219
x-guploader-uploadid: ADPycdsL6vZo_Ol61QA9abdae1CqJ-hIAboIyxuvqTZmxB2JUO3XX3Nh58CoTZZcl7YyiF4tOG2G5jH9Ysqshe0r-0Gel3cwig
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43
x-served-by: cache-fra19146-FRA
expires: Mon, 02 Aug 2021 14:21:35 GMT
last-modified: Fri, 28 Aug 2020 01:48:04 GMT
server: UploadServer
x-timer: S1628003321.264820,VS0,VE0
etag: "4bd992dae2dbbe35b4ec51458103f729"
x-goog-hash: crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation: 1598579284071645
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 13

Redirect headers

Date: Tue, 03 Aug 2021 15:08:41 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Location: //i.imgvc.com/vc/images/1x1.gif
Cache-Control: private, max-age=0, no-cache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 215

GET
H/1.1 200
Ok counter.php Show response
counter1.fc2.com/ 2 KB
1 KB 747ms
184ms Script
application/x-javascript 34.212.109.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://counter1.fc2.com/counter.php?id=7070372
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.212.109.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.5.7 /
Resource Hash: ddcbb7b6f3e6ca8ed9ba275cdecf2a46f6e52342ee3b1d5f1e7be868f168b450

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 15:08:39 GMT
Content-Encoding: gzip
Server: nginx/1.5.7
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 797
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 35ms
34ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:38 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 679076661e064e5b-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-35173878-27

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e08223ed22ff67b5f44d145e598133b54fea34ab5830af0954c4557c323c246c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:38 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40746
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:38 GMT

GET
H/1.1 200
OK rank.php Show response
rranking9.ziyu.net/ 394 B
494 B 1719ms
289ms Script
application/x-javascript 133.242.86.196
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://rranking9.ziyu.net/rank.php?newsoku_blog
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 133.242.86.196 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: d5a7079611270b8f242e09cfb89559e4a7ba77243bf9a5aba175a7aeb9323b67

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H2 200 mylinkbox.js Show response
mlb.valuecommerce.com/ 16 KB
17 KB 487ms
466ms Script
application/javascript 2a04:4e42:3::737
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mlb.valuecommerce.com/mylinkbox.js
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e353d4321b4e069a05fd434c4b17e7b5207f8a8bdf7326f3917f513b514c9781

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:39 GMT
via: 1.1 varnish
age: 0
x-guploader-uploadid: ADPycdsvBvD2tE3DOwj2Map0WO6iAnT65Keheu3i5DDIKTmRcWPEgQx7sKvEiRKFXB_NIOhLFNcjSpq-76yTKZFjCXU6eUdECw
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 16687
x-served-by: cache-fra19132-FRA
expires: Tue, 03 Aug 2021 10:58:54 GMT
last-modified: Fri, 22 Jan 2021 02:56:31 GMT
server: UploadServer
x-timer: S1628003319.828669,VS0,VE460
etag: "4e000cf88569edfec29f944667153b14"
x-goog-hash: crc32c=0gzVtw==, md5=TgAM+IVp7f7Cn5RGZxU7FA==
x-goog-generation: 1611284191270563
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Range, x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 16687
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H3-29 200 hdd34.js Show response
newsoku.blog/wp-content/cache/wpfc-minified/1s4y1w1p/ 37 KB
13 KB 36ms
31ms Script
application/javascript 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsoku.blog/wp-content/cache/wpfc-minified/1s4y1w1p/hdd34.js

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78a94c206bfcbb8c13f0991b653c71ff50b4feddc6818ae9edb88f048846ec15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/cache/wpfc-minified/1s4y1w1p/hdd34.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 75948
cf-polished: origSize=38380
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Aug 2021 18:01:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"610832f0-95ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCHqUmvUhv6nIqz%2BreJ2NghWBn%2FXfm86aboN9T%2FLCvoLMOP8z2PvQjELpmGfAL9rW%2BGW4iUHla30zAXwKj1dEvTFsYK4D0aM5gWHkPlS%2BAWwFTHzkxderV%2BOmxN4eprX3geWwDSZA8XUQlg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 679076658dfc05dc-FRA
expires: Wed, 03 Aug 2022 15:08:38 GMT

GET
H3-29 200 pubads_impl_2021072901.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
113 KB 36ms
35ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062102

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 08:44:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116135
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:38 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 68 B
96 B 37ms
36ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

6c64daf911643b5212275ae769d35ea84a159704fcee2594c92bd655b51fc7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:38 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/ 250 KB
93 KB 52ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4110214929210244&plah=newsoku.blog&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21161526e04840490e533e0233cabdd93eb1fe6632c84622e192c023c3bcc21b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95278
x-xss-protection: 0
server: cafe
etag: 7939706070626844053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 15:08:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210729/r20190131/ Frame F898 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210729/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210729/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 03 Aug 2021 01:15:27 GMT
expires: Tue, 17 Aug 2021 01:15:27 GMT
content-type: text/html; charset=UTF-8
etag: 4389807852502320046
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 49991
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
407 B 40ms
39ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=newsoku.blog&callback=_gfp_s_&client=ca-pub-4110214929210244

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4110214929210244&plah=newsoku.blog&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

0f291be20656907c8df9b192ff260ea1d2e02d433cc9c243568db93b2fe7c026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newsoku.blog

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsoku.blog

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E42 0
19 B 129ms
128ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&adk=1812271804&adf=3025194257&lmt=1628003318&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsoku.blog%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003318733&bpp=7&bdt=409&idt=82&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1858602499989&frm=20&pv=2&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=102

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4110214929210244&output=html&adk=1812271804&adf=3025194257&lmt=1628003318&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsoku.blog%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003318733&bpp=7&bdt=409&idt=82&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1858602499989&frm=20&pv=2&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=102
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 03 Aug 2021 15:08:38 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Aug-2021 15:23:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 03 Aug 2021 15:08:38 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903448373927"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:39 GMT

GET
H2 200 cookie_loader.html Show response
cache.send.microadinc.com/js/ Frame A602 2 KB
1 KB 124ms
19ms Document
text/html 143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microadinc.com/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-55.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

:method: GET
:authority: cache.send.microadinc.com
:scheme: https
:path: /js/cookie_loader.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

content-type: text/html
content-length: 982
date: Fri, 16 Jul 2021 17:57:08 GMT
server: Apache
last-modified: Mon, 09 Dec 2019 08:46:57 GMT
etag: "775-599417025c240"
accept-ranges: bytes
content-encoding: gzip
p3p: policyref="http://send.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID CURa OUR IND STA"
cache-control: public, max-age=2592000
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KzeWVrl2sZQGdlvkPEsS-mNOQqVnXHdERv6zV40jHQq93DtEdgfE3g==
age: 1545091

GET
H2 200 sync Show response
gum.criteo.com/ Frame A602 45 B
358 B 81ms
32ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=46&r=2&j=handleData

Requested by

Host: cache.send.microadinc.com
URL: https://cache.send.microadinc.com/js/cookie_loader.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f82eeb7d741fcdd22be2f05939c7196ba620b539243541c6a56ab6cd62462613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://cache.send.microadinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 03 Aug 2021 15:08:38 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 3388
content-length: 161
expires: 60

GET
H/1.1 200
OK roll_data Show response
blogroll.livedoor.net/238586/ 28 KB
8 KB 246ms
245ms Script
text/javascript 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogroll.livedoor.net/238586/roll_data
Requested by: Host: blogroll.livedoor.net
URL: https://blogroll.livedoor.net/js/blogroll.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: /
Resource Hash: 8ecd8a2a755277092117f555282f52424d3d041ec869e59112df2bbd408d6f95

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:39 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from blogroll.livedoor.com:3128
Age: 148
Vary: Accept-Encoding
X-Cache: HIT from blogroll.livedoor.com
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=3
Expires: Tue, 03 Aug 2021 15:16:11 GMT

GET
H/1.1 200
OK roll_data Show response
blogroll.livedoor.net/238587/ 28 KB
8 KB 494ms
247ms Script
text/javascript 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogroll.livedoor.net/238587/roll_data
Requested by: Host: blogroll.livedoor.net
URL: https://blogroll.livedoor.net/js/blogroll.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: /
Resource Hash: 3b3c3a714f1f02c5a2170135d230c23391ed4876eec1b5a6b80a456ae7602350

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:39 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from blogroll.livedoor.com:3128
Age: 147
Vary: Accept-Encoding
X-Cache: HIT from blogroll.livedoor.com
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=3
Expires: Tue, 03 Aug 2021 15:16:12 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newsoku.blog

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsoku.blog

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9196 71 KB
24 KB 956ms
955ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319374&bpp=4&bdt=1050&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=whexCSxYcg&p=https%3A//newsoku.blog&dtd=12

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaf6d87f6baf6032a7c5f0963a2b1c0777b3818cf056b20cb421a11fb3019a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319374&bpp=4&bdt=1050&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=whexCSxYcg&p=https%3A//newsoku.blog&dtd=12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Aug 2021 15:08:40 GMT
server: cafe
content-length: 24836
x-xss-protection: 0
set-cookie: IDE=AHWqTUnpraTetqlVkU_G3jnDAUJh4FGdJw4G62iUY20vXQtihzbW2vfEAY-I2DFvSb8; expires=Sun, 28-Aug-2022 15:08:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 03 Aug 2021 15:08:40 GMT
cache-control: private

GET
H/1.1 200
OK roll_data Show response
blogroll.livedoor.net/273702/ 13 KB
5 KB 718ms
244ms Script
text/javascript 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogroll.livedoor.net/273702/roll_data
Requested by: Host: blogroll.livedoor.net
URL: https://blogroll.livedoor.net/js/blogroll.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: /
Resource Hash: 236caf7e2e9841d778636516c702aea4d731e8b975087adef8663c38be73aa7a

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:39 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from blogroll.livedoor.com:3128
Age: 366
Vary: Accept-Encoding
X-Cache: HIT from blogroll.livedoor.com
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=3
Expires: Tue, 03 Aug 2021 15:12:33 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C371 78 KB
25 KB 423ms
422ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2137269402&adk=2422814327&adf=2400760514&pi=t.ma~as.2137269402&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319395&bpp=35&bdt=1071&idt=35&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VGrPRLKA5X&p=https%3A//newsoku.blog&dtd=38

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2456fb8d798b3cd903d1d5aa87ab4a0d04041905c11193466c2c13ba0de854c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2137269402&adk=2422814327&adf=2400760514&pi=t.ma~as.2137269402&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319395&bpp=35&bdt=1071&idt=35&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VGrPRLKA5X&p=https%3A//newsoku.blog&dtd=38
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Aug 2021 15:08:39 GMT
server: cafe
content-length: 25879
x-xss-protection: 0
set-cookie: IDE=AHWqTUnQBoqojFljPaZnI83YeipInAwMZXxNqKW3wsSgQSVPe47azIA27stByFttdcg; expires=Sun, 28-Aug-2022 15:08:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 03 Aug 2021 15:08:39 GMT
cache-control: private

GET
H3-29 200 fontawesome-webfont.woff2
newsoku.blog/wp-content/themes/simplicity2/webfonts/fonts/ 75 KB
76 KB 17ms
17ms Font
font/woff2 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsoku.blog/wp-content/themes/simplicity2/webfonts/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://newsoku.blog
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __gads=ID=70788018dd48af57-22dd5d5890c900e0:T=1628003319:RT=1628003319:S=ALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA
:path: /wp-content/themes/simplicity2/webfonts/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://newsoku.blog
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 100114
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Feb 2020 15:01:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e3d7bcf-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMEWYmyCQ4Zn%2FqiELL2V1%2BOxHehPMD50Uqj4wLuax1GZQZ5fF3P%2FIXPdV6cnQXuh8HzXt7EyYkuElXmkW5JVwVhzaQtmwBte0MqEc8tGD%2FB9iSrm1ldQThZJ4tWNbG19fnYvi6ZoObGUnbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6790766a79ea05dc-FRA
expires: Wed, 03 Aug 2022 15:08:39 GMT

GET
H3-29 200 b_logo.png
newsoku.blog/wp-content/uploads/2021/04/ 7 KB
8 KB 21ms
20ms Image
image/png 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/04/b_logo.png

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eb2ef3f120cb7cdf7307489008aabe8f9ed2bd7a3731c1c3aed0a9e29c6d415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/04/b_logo.png
pragma: no-cache
cookie: __gads=ID=70788018dd48af57-22dd5d5890c900e0:T=1628003319:RT=1628003319:S=ALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94167
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7169
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Apr 2021 06:16:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "606d4e48-1c01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dar9MBZ3t0SavHtdmXMws3LkffHDpi4%2BqF8Z4kwi1sMnOxLkpPYbvHgdwMuKq6kDhVNwU3ztJ7uLaW0EfdZMU4EPMwASNfyu2glqIWi0YnbQlgNmkDuuLv3ShuJzXDtXs%2FA75VvEUJSes14%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6790766aba7a05dc-FRA
expires: Wed, 03 Aug 2022 15:08:39 GMT

GET
H3-29 200 Windows365_OS-150x150.jpg
newsoku.blog/wp-content/uploads/2021/08/ 2 KB
3 KB 801ms
801ms Image
image/jpeg 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/08/Windows365_OS-150x150.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24180076912619bfdda14fe2cd15327c01d178bda15002cf9c2e4e8bb20abb8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/Windows365_OS-150x150.jpg
pragma: no-cache
cookie: __gads=ID=70788018dd48af57-22dd5d5890c900e0:T=1628003319:RT=1628003319:S=ALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2031
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Aug 2021 14:44:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61095640-7ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQr0AqUPsQsPTdg06U%2Ff2Xh%2BZ%2Bmpdy8TWejW00uArxU4gw1xjMczQx%2B8zHPlLOxKTTLXjMNIFyJCzk%2BLGdobIsNRtNI6BiUB%2FZ8gWo%2FqxU5PNcYptrql1J0txUC9vhwgIIzJ31ZdA%2BlY%2FME%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6790766aba7e05dc-FRA
expires: Wed, 03 Aug 2022 15:08:40 GMT

GET
H3-29 200 newsoku_blog_newssokuho_sokuho_breakingnews_news2-150x150.jpg
newsoku.blog/wp-content/uploads/2021/03/ 3 KB
3 KB 27ms
23ms Image
image/jpeg 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/03/newsoku_blog_newssokuho_sokuho_breakingnews_news2-150x150.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c54bad592dee9c726bf1781ed73e7ab8d5906d0f558a454011e3825c5ae185c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/03/newsoku_blog_newssokuho_sokuho_breakingnews_news2-150x150.jpg
pragma: no-cache
cookie: __gads=ID=70788018dd48af57-22dd5d5890c900e0:T=1628003319:RT=1628003319:S=ALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94054
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2765
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Mar 2021 02:56:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "604c29e9-acd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJgPcHGr3iI5zw1T5rsig%2FVj%2BvJGh41MO%2BkDUA4Pwav8QJQV%2BAyKcPnCIf%2BPcrkcNltHcwaitlkT8q3qQXlI6BGU28yO0ODnV%2B%2FLiYRGmL%2FarQV41cl%2FP9wEsVbqVh%2B%2BnOFwoxM8DjBDCR4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6790766aba8705dc-FRA
expires: Wed, 03 Aug 2022 15:08:39 GMT

GET
H3-29 200 AirFan-150x150.jpg
newsoku.blog/wp-content/uploads/2017/03/ 6 KB
7 KB 16ms
15ms Image
image/jpeg 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2017/03/AirFan-150x150.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4527c806df258be9d6ac87c7056b67493ed62b0ab9d77a65a77773cbc4c2cb66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2017/03/AirFan-150x150.jpg
pragma: no-cache
cookie: __gads=ID=70788018dd48af57-22dd5d5890c900e0:T=1628003319:RT=1628003319:S=ALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3505
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6307
x-xss-protection: 1; mode=block
last-modified: Sat, 22 Feb 2020 01:19:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e508191-18a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2F%2BTEvI%2B8AtnZh%2BWNlLDO9bNznRwNnGLFuXBZO8XDwyK8KJ8SyMbgAjaLF7nfxKo6XXOdj%2FEmqdAMknRV50%2BwlNEHD1bXyyvpeW%2Fjblqss2qW0txIvWJv91tAmpXi70o5tg0vHP79rcU0wI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6790766aba8805dc-FRA
expires: Wed, 03 Aug 2022 15:08:39 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5080 88 KB
28 KB 414ms
412ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=5622522222&adk=281811654&adf=2966697880&pi=t.ma~as.5622522222&w=680&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319476&bpp=4&bdt=1153&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=2546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KT5jRbRSGX&p=https%3A//newsoku.blog&dtd=17

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e43d52b52e0432c5d9c39c6fd337162ab0656c3291300f69907b76acdd3819f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=5622522222&adk=281811654&adf=2966697880&pi=t.ma~as.5622522222&w=680&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319476&bpp=4&bdt=1153&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=2546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KT5jRbRSGX&p=https%3A//newsoku.blog&dtd=17
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Aug 2021 15:08:39 GMT
server: cafe
content-length: 28501
x-xss-protection: 0
set-cookie: IDE=AHWqTUnucBuOdUbZ25JJOlpHsjKMYjvkCZwC86W9qmkmlLVzbuSipmcvkuUaiH22cqY; expires=Sun, 28-Aug-2022 15:08:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 03 Aug 2021 15:08:39 GMT
cache-control: private

GET
H3-29 200 covid19_vaccine_wakuchin_wakutin_-150x150.jpeg
newsoku.blog/wp-content/uploads/2021/08/ 2 KB
3 KB 817ms
813ms Image
image/jpeg 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/08/covid19_vaccine_wakuchin_wakutin_-150x150.jpeg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e50f76135cc95fff5370f1cc12cf75aaec06a62d6506be45de107fa968a245d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/covid19_vaccine_wakuchin_wakutin_-150x150.jpeg
pragma: no-cache
cookie: __gads=ID=70788018dd48af57-22dd5d5890c900e0:T=1628003319:RT=1628003319:S=ALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2428
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Aug 2021 01:05:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61089663-97c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=neQxPyhPwlKcUdtn6Svx0%2BgBEsOl%2BzZvHQeTZsJ8WK0wNBBG%2BBjI%2BXip9BsSnLUOLOtvJdzTHLQrHmcZQXQ%2BFHdgC%2Bzrv6e0NjvOPRb%2BnpDWLK7ucE2GWKfguYHEZf%2Fh6%2F%2BcvgbAqUcMrNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6790766b2b7505dc-FRA
expires: Wed, 03 Aug 2022 15:08:40 GMT

GET
H3-29 200 67b5491aba9691d136317489f292a90e-150x150.png
newsoku.blog/wp-content/uploads/2021/08/ 4 KB
5 KB 810ms
806ms Image
image/png 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/08/67b5491aba9691d136317489f292a90e-150x150.png

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18823a038c5c0161d2ee22fdce041611e8afdda41b9a32e1e8238225c7bafbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/67b5491aba9691d136317489f292a90e-150x150.png
pragma: no-cache
cookie: __gads=ID=70788018dd48af57-22dd5d5890c900e0:T=1628003319:RT=1628003319:S=ALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4422
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Aug 2021 09:02:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6109062f-1146"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAHctVGedOg8t5sNQkTx7Cuqofd%2FIiXPeEPU8okPleJdBw1uFJ%2FE0OL4VRdkNY7Qq6%2B8pTLOnwcwA1WYi4h5oqdO7%2FAXUI6NagS%2FMRy3od%2F883HH18%2FOjKIYwWy7rQBQd%2FASCCCMNAlTOME%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6790766b2b7905dc-FRA
expires: Wed, 03 Aug 2022 15:08:40 GMT

GET
H3-29 200 tokyo3709-150x150.jpg
newsoku.blog/wp-content/uploads/2021/08/ 3 KB
3 KB 23ms
22ms Image
image/jpeg 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/08/tokyo3709-150x150.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b80f6bab833ac724ca1abba7179e4cc76eded869df0929184e4f5a1145f960a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/tokyo3709-150x150.jpg
pragma: no-cache
cookie: __gads=ID=70788018dd48af57-22dd5d5890c900e0:T=1628003319:RT=1628003319:S=ALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 25809
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2830
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Aug 2021 07:50:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6108f55c-b0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCtaq3guvys9nAj9yQU%2FZKRnQo4OCqYMiM8qO3mjfMeRcQzIC%2FQZnWagL3q2ctVQ%2FrLrCemhHJG6yg16xLWT3WbrM4ZxopaC2IeJTV45U4RyBlMl6URZ0ulYjKNsIyck8COORO5753S9gh8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6790766b2b7b05dc-FRA
expires: Wed, 03 Aug 2022 15:08:39 GMT

GET
H3-29 200 gpu_btc_bitcoin_mining-150x150.jpg
newsoku.blog/wp-content/uploads/2021/08/ 3 KB
4 KB 831ms
830ms Image
image/jpeg 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/08/gpu_btc_bitcoin_mining-150x150.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

952105810639a287608d81a207f6457caa592cc224f48945e27bda7105a1a5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/gpu_btc_bitcoin_mining-150x150.jpg
pragma: no-cache
cookie: __gads=ID=70788018dd48af57-22dd5d5890c900e0:T=1628003319:RT=1628003319:S=ALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3159
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Aug 2021 01:42:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61089f12-c57"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNR5IznxLtoD5gPSiqhmPVrm4xGWg50yYal0E59ifCUM1h9lC5Rb8Gb87%2F5EEymP%2BUazYx9rInPqxjuLZyU1%2FmIpUB3kMzwa0Zo42yeAvTeKgoyIEffIgFNbMSp%2BlrWJpe9GWQL%2FS%2BZS7OI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6790766b2b7c05dc-FRA
expires: Wed, 03 Aug 2022 15:08:40 GMT

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ 2 KB
2 KB 1001ms
256ms Script
text/javascript 103.142.125.193
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=fc96d48ec49d33f5591f65f7004463ae&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fnewsoku.blog%2F&referrer=&cbt=99e8db02e0c950017b0c8f3ef7

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.142.125.193 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

c8efcb1e9a27f93ac0fa629bc5af03f4e590bcece7d9c9479d098f8e66d1da43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1541
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ 2 KB
2 KB 993ms
253ms Script
text/javascript 103.142.125.193
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=b605192b7befd9dcc697a7db9959975c&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fnewsoku.blog%2F&referrer=&cbt=5179d92f126a98017b0c8f3f10

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.142.125.193 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

e789af88035c963e2e592312981c4ce1ab86a1e0d62600f3a09bb81219cc52a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1555
X-XSS-Protection: 1; mode=block

GET
H3-29 200 d9dc85b22a7b2e61b3c2cafeeec23397.png
newsoku.blog/wp-content/uploads/2021/08/ 56 KB
57 KB 24ms
24ms Image
image/png 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/08/d9dc85b22a7b2e61b3c2cafeeec23397.png

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f67a744ec50567f11b95186ba88b16abdccb649be04777f4108430c2429929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/d9dc85b22a7b2e61b3c2cafeeec23397.png
pragma: no-cache
cookie: __gads=ID=70788018dd48af57-22dd5d5890c900e0:T=1628003319:RT=1628003319:S=ALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 75503
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 57525
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Aug 2021 17:33:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61082c58-e0b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NOML%2Bsd8zFGVUp7xkD7COjr8PhrM21GrbhzaPFTbljAfLcibGV8Os4dJEv40Eyx8tCZoCRXOZvILQmuudmfUNxEVidXWwHEs6uRBIYR1P%2BQESsfpFfwF8Bj5W3YZ%2B%2B0CNXc98b4Flsj3fPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6790766b6bf105dc-FRA
expires: Wed, 03 Aug 2022 15:08:39 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newsoku.blog

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsoku.blog

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 81EE 136 KB
22 KB 405ms
405ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=600&slotname=4858775902&adk=2423983721&adf=4117875246&pi=t.ma~as.4858775902&w=300&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319581&bpp=2&bdt=1257&idt=2&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=274&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lCDDxK0JOU&p=https%3A//newsoku.blog&dtd=6

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1780f5cfab0200a003ac252b6ada34ff27fda228f075546ec3a6a344d0df426d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4110214929210244&output=html&h=600&slotname=4858775902&adk=2423983721&adf=4117875246&pi=t.ma~as.4858775902&w=300&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319581&bpp=2&bdt=1257&idt=2&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=274&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lCDDxK0JOU&p=https%3A//newsoku.blog&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Aug 2021 15:08:39 GMT
server: cafe
content-length: 22370
x-xss-protection: 0
set-cookie: IDE=AHWqTUkEG8uFdYCOh1Oh4tsEwS_FgNXbM50-_3eY-vgHIJlNHTomaeJ_Cj4FHjtTcWg; expires=Sun, 28-Aug-2022 15:08:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 03 Aug 2021 15:08:39 GMT
cache-control: private

GET
H3-29 200 ama_logo.jpg
newsoku.blog/wp-content/uploads/2021/04/ 7 KB
8 KB 65ms
64ms Image
image/jpeg 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/04/ama_logo.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8810da4c489a6a73ecaa3a4355666adfc1ade70a064d0a6a308a22bac71386c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/04/ama_logo.jpg
pragma: no-cache
cookie: __gads=ID=70788018dd48af57-22dd5d5890c900e0:T=1628003319:RT=1628003319:S=ALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94161
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7482
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Apr 2021 13:56:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "608817fb-1d3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUqEapCzCgGj3jhgJnPHyJ3tYCkrz3MA%2Fe1shCdjn9yDqX4zh2Gfh3SRYamqgXbcGrI1TKlBOp%2FrBV1fVvIARKn42n%2BdqijBlmMbcMgzjXWeahr0P9Hlb1avpXhnMYT3j7zyc2bpDE44s3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6790766b7c1f05dc-FRA
expires: Wed, 03 Aug 2022 15:08:39 GMT

GET
H3-29 200 raku_logo.jpg
newsoku.blog/wp-content/uploads/2021/04/ 9 KB
9 KB 46ms
46ms Image
image/jpeg 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/04/raku_logo.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

477985b51222038f2370de006db4a40db9d45d9b50d935936949c8b330e703e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/04/raku_logo.jpg
pragma: no-cache
cookie: __gads=ID=70788018dd48af57-22dd5d5890c900e0:T=1628003319:RT=1628003319:S=ALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94161
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9081
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Apr 2021 13:56:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "608817fa-2379"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0oP62l6gf39NIF2tD7OZ4ZZSSGxysC4gKzrXGFc8u4bJf9su%2Bb8618Vnz23RTyX248AnQNGoZEWN1Xx%2B5GYIfDBC1Nxi6gGWhBZxAfAHVeMMXalAkADavJza47v9p6KeAr8zXvQAJxHn78%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6790766b7c2205dc-FRA
expires: Wed, 03 Aug 2022 15:08:39 GMT

GET
H3-29 200 yahooshop_logo.jpg
newsoku.blog/wp-content/uploads/2021/04/ 12 KB
12 KB 63ms
62ms Image
image/jpeg 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/04/yahooshop_logo.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a489692e0aa52e287bc5482b045f756e530a9b551ba55203d0bbff6147041b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/04/yahooshop_logo.jpg
pragma: no-cache
cookie: __gads=ID=70788018dd48af57-22dd5d5890c900e0:T=1628003319:RT=1628003319:S=ALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94161
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12001
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Apr 2021 13:56:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "608817fa-2ee1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTYy3jtLX%2BIew2neQWvhjzMMxe1AondokMpQNbJCa7%2Fo0065ZWTilXOnRJAtG9ADQ1RXwcZz2xjJLJyegxzAi4XAJ4sSKUKArroTPetOkW9k15x2Tucj4hOLeAezpivsCdY%2FHS45ACozgoE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6790766b7c2405dc-FRA
expires: Wed, 03 Aug 2022 15:08:39 GMT

GET
H3-29 200 7net_logo.jpg
newsoku.blog/wp-content/uploads/2021/04/ 6 KB
7 KB 59ms
59ms Image
image/jpeg 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newsoku.blog/wp-content/uploads/2021/04/7net_logo.jpg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33ee4a8c8a79b4ad2409c2fa5a560647c1ae021e0e497a1583fecae77e9da829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/04/7net_logo.jpg
pragma: no-cache
cookie: __gads=ID=70788018dd48af57-22dd5d5890c900e0:T=1628003319:RT=1628003319:S=ALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: newsoku.blog
referer: https://newsoku.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94161
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6318
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Apr 2021 13:56:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "608817f9-18ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTEmkydl70JiHxdwa7GvpcBYl6HdGEh2BfQIbgdegoPEP%2BBXBDv1%2BD%2FzPTK%2BgMPIBpH4fXNohmawPb9knpOpB6f8lrobzZGVjZGppAEAlbSlc8HHWAoaMo%2BXz4iM3OkPqJEdansUsBPipNo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6790766b7c2505dc-FRA
expires: Wed, 03 Aug 2022 15:08:39 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D226 303 KB
52 KB 681ms
681ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=3175488137&adk=148966444&adf=3061787000&pi=t.ma~as.3175488137&w=336&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319599&bpp=1&bdt=1275&idt=1&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280%2C300x600&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=3901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=jWuEFoM6Mx&p=https%3A//newsoku.blog&dtd=5

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b0e27a75265d66818b7d21b2f049f36ec16ba0084246f161d2d2cfc3e9c4040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=3175488137&adk=148966444&adf=3061787000&pi=t.ma~as.3175488137&w=336&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319599&bpp=1&bdt=1275&idt=1&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280%2C300x600&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=3901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=jWuEFoM6Mx&p=https%3A//newsoku.blog&dtd=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Aug 2021 15:08:40 GMT
server: cafe
content-length: 53449
x-xss-protection: 0
set-cookie: IDE=AHWqTUlJZLlM1wg-UpY_koZLC9J9mSsQLZQLubV70sPLTVg9HeiJH1iZ65ebUE6hHbU; expires=Sun, 28-Aug-2022 15:08:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 03 Aug 2021 15:08:40 GMT
cache-control: private

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ 2 KB
2 KB 993ms
255ms Script
text/javascript 103.142.125.193
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=78034d81e21cefbfa086966e96025a71&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fnewsoku.blog%2F&referrer=&cbt=62ae15b3ebd1c0017b0c8f3f56

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.142.125.193 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

4365d8a4c65e281fd14d7802f528c5d164524fb4637821acd4bcb2ba8083900e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1646
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ 1 KB
2 KB 990ms
251ms Script
text/javascript 103.142.125.193
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=39ee3c1e8fd7ded18c20c5f04043b5e9&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fnewsoku.blog%2F&referrer=&cbt=a9118693a91c58017b0c8f3f58

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.142.125.193 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

00a0d0da4524782a36ccb400080add32816b7a813c9bbef382913dac381abd5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1334
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK blank.gif
blogroll.livedoor.net/img/ 807 B
1 KB 246ms
243ms Image
image/gif 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogroll.livedoor.net/img/blank.gif?channel_id=238586
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: a4071dbca008823e72a0fbcf9f4806230d5a8cf68884f4450981ed686f9e24b5

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:40 GMT
Last-Modified: Wed, 20 Jan 2021 08:53:43 GMT
Server: nginx
ETag: "6007ef97-327"
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=3
Content-Length: 807
Expires: Tue, 03 Aug 2021 15:08:39 GMT

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ 2 KB
2 KB 746ms
254ms Script
text/javascript 103.142.125.193
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=fafee809b6e5baec3c1e80e7ea573490&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fnewsoku.blog%2F&referrer=&cbt=27556314e0b21c17b0c8f3f5b

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.142.125.193 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

0745d5244ce414b3c41c4e9d3c71c61bae9ed3bf397cd4b4c4bcfa91e9dd5ba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1632
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
Ok counter_js.php Show response
counter1.fc2.com/ 6 KB
919 B 183ms
183ms Script
application/x-javascript 34.212.109.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://counter1.fc2.com/counter_js.php?id=7070372&main=0&lang=0&visitor=2
Requested by: Host: counter1.fc2.com
URL: https://counter1.fc2.com/counter.php?id=7070372
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.212.109.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.5.7 /
Resource Hash: 9e9acccf65e489a80e935906fc427eb227177f5b53224605903a8c57ae882bf0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 15:08:40 GMT
Content-Encoding: gzip
Server: nginx/1.5.7
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 570
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-35173878-27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 5525
date: Tue, 03 Aug 2021 13:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Tue, 03 Aug 2021 15:36:34 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1915987041&t=pageview&_s=1&dl=https%3A%2F%2Fnewsoku.blog%2F&ul=en-us&de=UTF-8&dt=NEWSOKU%20BLOG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=997876118&gjid=449335275&cid=1952375638.1628003319&tid=UA-35173878-27&_gid=1579413523.1628003320&_r=1&gtm=2ou820&z=122866840

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsoku.blog
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
86 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-35173878-27&cid=1952375638.1628003319&jid=997876118&gjid=449335275&_gid=1579413523.1628003320&_u=YAhAAUAAAAAAAC~&z=552696066

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 03 Aug 2021 15:08:39 GMT
content-type: text/plain
access-control-allow-origin: https://newsoku.blog
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 19ms
18ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-35173878-27&cid=1952375638.1628003319&jid=997876118&_u=YAhAAUAAAAAAAC~&z=1306995951

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-35173878-27&cid=1952375638.1628003319&jid=997876118&_u=YAhAAUAAAAAAAC~&z=1306995951

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C371 989 B
577 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%81%A0%E3%81%84%E5%8A%A0%E3%81%95%E8%AA%8D%E5%AE%B9%E9%A8%93%E3%82%92%E3%81%AE%E6%96%B0%E3%81%94%E5%81%A5%E5%8F%82%E7%A2%BA%E5%90%91%E3%81%91%E6%B2%BB%E3%81%8F%E5%86%85%E5%B8%B8%E8%80%85%E3%81%97

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2137269402&adk=2422814327&adf=2400760514&pi=t.ma~as.2137269402&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319395&bpp=35&bdt=1071&idt=35&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VGrPRLKA5X&p=https%3A//newsoku.blog&dtd=38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4dbbf8d44a9a55ac9a1fe47d32e14e06db3bd8402711690172e2f1e64a0c4165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 15:08:39 GMT
server: ESF
date: Tue, 03 Aug 2021 15:08:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Aug 2021 15:08:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C371 4 KB
691 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7f8fb3de1908cf50ce35acee4c5932760e17fba860ec7c2a591ea5dcffa306d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 15:02:52 GMT
server: ESF
date: Tue, 03 Aug 2021 15:08:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Aug 2021 15:08:39 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame C371 1 KB
936 B 6ms
5ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:01:57 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame C371 18 KB
8 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:06:39 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame C371 2 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 14:58:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C371 124 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame C371 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:02:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C371 0
0 14ms
13ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlry5ZchhB64x6Ztiij9GY5nSRTvMJyYNuVxGh7SgY5vtGenHaOkwmnT3W3acBhXaX30FD
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2137269402&adk=2422814327&adf=2400760514&pi=t.ma~as.2137269402&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319395&bpp=35&bdt=1071&idt=35&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VGrPRLKA5X&p=https%3A//newsoku.blog&dtd=38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 42d1b86cb875341df5a163347562cfa0.js Show response
www.gstatic.com/mysidia/ Frame C371 26 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42d1b86cb875341df5a163347562cfa0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 22:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10795
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 22:14:05 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14512841046941936791/ Frame C371 8 KB
8 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14512841046941936791/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9908d1f53b4dcf722f59376276c005cb3a187cd142d9be15db695da4ea1c9dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 08:50:51 GMT
x-content-type-options: nosniff
age: 22668
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8369
x-xss-protection: 0
last-modified: Wed, 16 Sep 2020 07:45:29 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 08:50:51 GMT

GET
DATA 200
OK truncated
/ Frame C371 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame C371 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1SBL91sJYc_XG8b0zQajlb-wB4D2heBj5-_uhZoM9YmNjP8PEAEg3J6hMWCVAqAB5uOr6wPIAQmpApb4Vkes8rM-qAMByAPLBKoExQFP0MT8JnDDuj_2aMgqkqbYjdLUaGaNo3HD0JAoCE4Dl0HxexlOw6FjsCqv5jJikNKpVy20qpPB-iDlXglKEsZB4jphOxBfHoPs_B_J3vErDxe1aQ1q51q9AUyd8fDPh3szJUZJJu3dn4TJDCRZwH7lhxnm_ydKbo4FCMZTWd-ZUqor3UH10jnX02eKFG30rlGvC_f4MAg6B8WaQwY-J6EnlmWR9hjzAjcQxEuQwDhJLHWApiKqrppWpBlS5eRLLd-A7_DYe8AEntnD9fwBkgUECAQYAZIFBAgFGASgBi6AB67_-SyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQtokC0ggJCIDhgHAQARgfgAoByAsB2BMNiBQD0BUBgBcBshcaChgIABIUcHViLTQxMTAyMTQ5MjkyMTAyNDQ&sigh=yPw8UcyT_VQ&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2137269402&adk=2422814327&adf=2400760514&pi=t.ma~as.2137269402&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319395&bpp=35&bdt=1071&idt=35&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VGrPRLKA5X&p=https%3A//newsoku.blog&dtd=38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 03 Aug 2021 15:08:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK blank.gif
blogroll.livedoor.net/img/ 807 B
1 KB 245ms
245ms Image
image/gif 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogroll.livedoor.net/img/blank.gif?channel_id=238587
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: a4071dbca008823e72a0fbcf9f4806230d5a8cf68884f4450981ed686f9e24b5

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:41 GMT
Last-Modified: Wed, 20 Jan 2021 08:53:43 GMT
Server: nginx
ETag: "6007ef97-327"
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=3
Content-Length: 807
Expires: Tue, 03 Aug 2021 15:08:40 GMT

GET
DATA 200
OK truncated
/ Frame C371 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e9c977bb143d804e5e7503df054ba529da052aa6a94891f03cc0a4b99ceac77

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 font
fonts.gstatic.com/l/ Frame C371 10 KB
10 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQei0q12UyZGuR91jvLBpiNTWuW0EFgj_1pibZw92Fv-3YHvq3JED07D75XdzL6VjGthFRrckxS3wXXjdC_6oymcqhCuMy2PVCpGH3twxXpKVGok_06Z0P9MYKkdV5&skey=b1468649b9c42538&v=v28

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%81%A0%E3%81%84%E5%8A%A0%E3%81%95%E8%AA%8D%E5%AE%B9%E9%A8%93%E3%82%92%E3%81%AE%E6%96%B0%E3%81%94%E5%81%A5%E5%8F%82%E7%A2%BA%E5%90%91%E3%81%91%E6%B2%BB%E3%81%8F%E5%86%85%E5%B8%B8%E8%80%85%E3%81%97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2be571bb157e91a4b0d4dccac8883ffe3f5af5dc0b527464ad2916901344555d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 20:06:06 GMT
x-content-type-options: nosniff
age: 68554
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10436
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 17:37:04 GMT
server: ESF
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Mon, 02 Aug 2021 20:06:06 GMT

GET
H3-29 200 font
fonts.gstatic.com/l/ Frame C371 10 KB
10 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQaioq12UyZGuR91jvLBpiNTWuW0EFgj_1pibZw92Fv-3YHvq3JED07D75XdzL6VjGthFRrckxS3wXXjdC_6oymcqhCuMy2PVCpGH3twxXpKVGok_06Z0P9MYKkdV5&skey=f8a75aa314b1396f&v=v28

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82810b9b842b7e32470c4f154051e3293db4e59a25af387425567577c6ddb84d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 20:06:06 GMT
x-content-type-options: nosniff
age: 68554
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10112
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 17:37:04 GMT
server: ESF
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Mon, 02 Aug 2021 20:06:06 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame C371 15 KB
15 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 01:45:21 GMT
x-content-type-options: nosniff
age: 48199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 01:45:21 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame C371 15 KB
15 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 74536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:24 GMT

GET
H2 200 11418954327604116965
tpc.googlesyndication.com/daca_images/simgad/ Frame 5080 27 KB
27 KB 8ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11418954327604116965

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=5622522222&adk=281811654&adf=2966697880&pi=t.ma~as.5622522222&w=680&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319476&bpp=4&bdt=1153&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=2546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KT5jRbRSGX&p=https%3A//newsoku.blog&dtd=17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eddec2ca7c220a9be44b28bd5f6fa18401480c4449fecdb559eb9ab8513463c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 04:40:34 GMT
x-content-type-options: nosniff
age: 37686
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27529
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 09:43:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 04:40:34 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame 5080 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:06:39 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 5080 2 KB
1 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 14:58:57 GMT

GET
H3-29 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 5080 67 B
91 B 16ms
13ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 05:38:05 GMT
x-content-type-options: nosniff
server: cafe
age: 34235
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 04 Aug 2021 05:38:05 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5080 0
0 48ms
42ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLgc391sJYZG0H6_mzAa_u7nwCeSKt5Rkis6H_YIOu4yDrMcBEAEg3J6hMWCVAqAB_7CkowPIAQKpAlqpvjoZX7c-qAMByAPJBKoEygFP0IN-kOc5bJfbhMOkjJrbpYxVjsBjCeZwySLF6mk37ZXzeoRFBGT8SJ9CtpmMxlatMd2DioyhA0DE7ntlvv0pPKHPTHDQcwbdT-E74lLdjPrUCcwuzlwqLQyPyRg-FjjNQb68P3PT-sIlzq4sEFjHsENl8KwfqkWdzwgA-3UOEbC31UWHE84KMtvqgXdOlQNuFtrnIhBcjQw-Q2LAWk2AJ7u6PQrab-sVfiYJdVn8-ht6ccAWn-d0sPpMO5AhbGydikYURvFT2-e-wASdzOiA1gGSBQQIBBgBkgUECAUYBKAGAoAHvdeELKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCHhAPSCAkIgOGAcBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItNDExMDIxNDkyOTIxMDI0NA&sigh=tPnvB94dB6Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=5622522222&adk=281811654&adf=2966697880&pi=t.ma~as.5622522222&w=680&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319476&bpp=4&bdt=1153&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=2546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KT5jRbRSGX&p=https%3A//newsoku.blog&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 03 Aug 2021 15:08:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5080 124 KB
37 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:40 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 5080 14 KB
6 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:05:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5080 0
0 17ms
13ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSa9Fe7757KuxaEHk_IeiTPP1eH8By_3evtYouYxy-kw1wXlFxOStkOOq2YWi8ce44fnlEa
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=5622522222&adk=281811654&adf=2966697880&pi=t.ma~as.5622522222&w=680&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319476&bpp=4&bdt=1153&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=2546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KT5jRbRSGX&p=https%3A//newsoku.blog&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 5080 26 KB
11 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adbd9cb2bedd56368be5b47be178c83fc8e51983ea6415fb81f5f3d1d948317b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:54:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10759
x-xss-protection: 0
server: cafe
etag: 1366331748882763775
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 12:54:06 GMT

GET
H2 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame BCD8 35 KB
13 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 09:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 09:00:12 GMT

GET
H3-29 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 81EE 67 B
91 B 6ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=600&slotname=4858775902&adk=2423983721&adf=4117875246&pi=t.ma~as.4858775902&w=300&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319581&bpp=2&bdt=1257&idt=2&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=274&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lCDDxK0JOU&p=https%3A//newsoku.blog&dtd=6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 05:38:05 GMT
x-content-type-options: nosniff
server: cafe
age: 34235
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 04 Aug 2021 05:38:05 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 14C2 143 B
226 B 6ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=5622522222&adk=281811654&adf=2966697880&pi=t.ma~as.5622522222&w=680&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319476&bpp=4&bdt=1153&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=2546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KT5jRbRSGX&p=https%3A//newsoku.blog&dtd=17
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=5622522222&adk=281811654&adf=2966697880&pi=t.ma~as.5622522222&w=680&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319476&bpp=4&bdt=1153&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=2546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KT5jRbRSGX&p=https%3A//newsoku.blog&dtd=17

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 03 Aug 2021 14:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 7388 247 B
805 B 99ms
27ms Document
text/html 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b368359e282a537881629e0e2aa8b6639bc61f41c9689a575d0057edbbd7a9f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-V8p7vyWOLGFmiDGeNMLA7g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 203
date: Tue, 03 Aug 2021 15:08:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame 9006 188 KB
55 KB 39ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 9006 13 KB
5 KB 49ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 9006 87 KB
27 KB 49ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 9006 71 KB
16 KB 52ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b31a2dfb910d5e0292d6639f0c1a9b6ecc2471ba71ba18e3dc27cd5a033cf463

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16686
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6eea2bcb2a8fbd9d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 9006 4 KB
2 KB 51ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 9006 40 KB
13 KB 50ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
DATA 200
OK truncated
/ Frame 9006 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05c43a7a09a10889ed3e26315298115bf370c6b7318502fc26db583d30d6bd40

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 background_img.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 9006 33 KB
33 KB 8ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/background_img.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d13f808bb67864acf7117755a87e4c9c033416736075a7959176de663025d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580783
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33499
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 entdecke_ueber.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 9006 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/entdecke_ueber.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9eaa07a41373347d4a952ceeec9c707f8a41d45c253a95a782cf0a5727e4669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580783
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2180
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 40000.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 9006 941 B
966 B 10ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/40000.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26f90071422a01b2d41f6e76aa7ef14053db9b988d9daa055d57e204d4083fbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580783
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 941
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 Campingartikel.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 9006 3 KB
3 KB 10ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/Campingartikel.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c689d09d8b6ecb19e622aa51f0db38e33dfcd35a3d26419bf4b8fcf235fe221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580783
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2582
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 dein.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 9006 741 B
766 B 11ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/dein.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

251d2b5423a0840a5487933246d2662ec3df5244480dd53c6231f12f60d58349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580783
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 741
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 onlineshop.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 9006 2 KB
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/onlineshop.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ffaecafd3168c8a1886374da78cf22b9410fc6687b5cc6e9d02d9029b46256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580783
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1652
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 fuer_camping.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 9006 2 KB
2 KB 12ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/fuer_camping.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59af45ac1734c6a3c42f9341dbeebe8856eaea3f0cde6e89762540e54714f1eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580783
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2135
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 logo_2zeilig_farbe.png
tpc.googlesyndication.com/sadbundle/8821943494438463417/ Frame 9006 6 KB
6 KB 11ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8821943494438463417/logo_2zeilig_farbe.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a283c5f794ceb65117b3616612560b09199d82daa99f50187afaad1a2c5c732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:48:57 GMT
x-content-type-options: nosniff
age: 580783
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5935
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 09:34:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:48:57 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9006 3 KB
3 KB 11ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 18:02:54 GMT
x-content-type-options: nosniff
server: cafe
age: 75946
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 03 Aug 2021 18:02:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9006 344 B
368 B 10ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 22:40:25 GMT
x-content-type-options: nosniff
server: cafe
age: 59295
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 03 Aug 2021 22:40:25 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9006 0
21 B 44ms
43ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVPWK91sJYZrxJLPQzAalxrWYD9fUy_FjqrzVrLgO38aivcABEAEg3J6hMWCVAqABvMbF1gPIAQmpApb4Vkes8rM-qAMByAMIqgTHAU_QEkdlmqNYY5t80uJz5-iW9Z_n_-IgXQbKFF4_U5KC96hnNnkmR5jJWQlWnOxkCD3EfOcIQIYj4NRCxJKXIAuZypLzRbfqU36XBymoF3zxWNGuxOsdnhKIjnmviKMDkv9453opfxhFkoQTf01Nw6uYIjAfUv5AE4edIqePgV5wFnn5iyokK7nEM8Eb-TJHxGnHxeQMazy4g1An-lXci6qhO58Aeic8U3AlGzYq0TeMq-0M6BKGKQT_1UcumHy_pI9SbQ7KVijABJH3-qjXA5IFBAgEGAGSBQQIBRgEoAYugAesubopqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPvTAdIICQiA4YBwEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi00MTEwMjE0OTI5MjEwMjQ0&sigh=ZbrFVhjQSEA&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=600&slotname=4858775902&adk=2423983721&adf=4117875246&pi=t.ma~as.4858775902&w=300&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319581&bpp=2&bdt=1257&idt=2&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=274&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lCDDxK0JOU&p=https%3A//newsoku.blog&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 03 Aug 2021 15:08:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:40 GMT

GET
H/1.1 200
OK blank.gif
blogroll.livedoor.net/img/ 807 B
1 KB 256ms
254ms Image
image/gif 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogroll.livedoor.net/img/blank.gif?channel_id=273702
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: a4071dbca008823e72a0fbcf9f4806230d5a8cf68884f4450981ed686f9e24b5

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:41 GMT
Last-Modified: Wed, 20 Jan 2021 08:53:43 GMT
Server: nginx
ETag: "6007ef97-327"
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=3
Content-Length: 807
Expires: Tue, 03 Aug 2021 15:08:40 GMT

GET
DATA 200
OK truncated
/ Frame 5080 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38514c8f34e2825e860a6f3b1c9b1981cd75ee81238999a52aaa7a0ad0873bbf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame D226 188 KB
54 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=3175488137&adk=148966444&adf=3061787000&pi=t.ma~as.3175488137&w=336&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319599&bpp=1&bdt=1275&idt=1&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280%2C300x600&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=3901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=jWuEFoM6Mx&p=https%3A//newsoku.blog&dtd=5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012107240354000/ 20 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-host-v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c641f871d303f00c2431556fca2d50690ff200abd043196c8758e4bc590b848

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "26bfa3b7da51af82"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H3-29 200 iframe.html Show response
p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 7388 4 KB
2 KB 59ms
29ms Document
text/html 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44ccdd6493fd66e1bd0a1a3400877c951c72431a7af3ad8051ac4795ba813816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-8AG_0_DE3WnsMyIsF8qCCg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 1863
date: Tue, 03 Aug 2021 15:08:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame 9196 6 KB
765 B 17ms
11ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319374&bpp=4&bdt=1050&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=whexCSxYcg&p=https%3A//newsoku.blog&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 15:07:31 GMT
server: ESF
date: Tue, 03 Aug 2021 15:08:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Aug 2021 15:08:40 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame D226 13 KB
5 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame D226 87 KB
27 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame D226 71 KB
16 KB 16ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-animation-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b31a2dfb910d5e0292d6639f0c1a9b6ecc2471ba71ba18e3dc27cd5a033cf463

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16686
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6eea2bcb2a8fbd9d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:45 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame D226 4 KB
2 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame D226 40 KB
13 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D226 3 KB
3 KB 13ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 18:02:54 GMT
x-content-type-options: nosniff
server: cafe
age: 75946
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 03 Aug 2021 18:02:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D226 344 B
368 B 13ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 22:40:25 GMT
x-content-type-options: nosniff
server: cafe
age: 59295
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 03 Aug 2021 22:40:25 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame D226 0
17 B 49ms
45ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcZzn91sJYeWDJoag-wbGjbvwD9Cw9JBktJblgM8OpIWTwLABEAEg3J6hMWCVAqABn9K1twHIAQmpApb4Vkes8rM-qAMByAMIqgTJAU_QD4-28Q2eFWJnbg83ZvRzE5F1PGWU1LFFp1evX0DZPyCbFoXVYd84w3S1cg5U1zODXNn8g33sLjHMJBAUGQcjWPRL3KlgUvLJXZs4yKZx4DydfjiEWoWEW-prgidiBYxkhJmBHnXIhJaM85GEgRbr3jLwTKLWF6Xx6CiGKrym-8_eLvChuatxJzLeWuFL4yLpqmwyWUOe59FQeR1TLXCfAjki2Azzr1Hqevg5hnx-IeR8TzIV_3HoIZTGkk99nRT2BMVjC5dmv8AE9JKWytEDkgUECAQYAZIFBAgFGASgBi6AB8mtysgCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEK3dAdIICQiA4YBwEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi00MTEwMjE0OTI5MjEwMjQ0&sigh=NRZhqsOAPVY&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=3175488137&adk=148966444&adf=3061787000&pi=t.ma~as.3175488137&w=336&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319599&bpp=1&bdt=1275&idt=1&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280%2C300x600&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=3901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=jWuEFoM6Mx&p=https%3A//newsoku.blog&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 03 Aug 2021 15:08:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 / Show response
feedrapp.lliy.biz/ 2 KB
1 KB 586ms
552ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery36007625346405701499_1628003318640&q=https%3A%2F%2Fnewpuru.com%2Frss%2F2ch-noadult.xml%2Chttp%3A%2F%2Fnewpuru.com%2Frss%2Fnews-noadult.xml&num=2&_=1628003318641
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 54a37f6b7e605a186be68e0014a2272f7c90902efcd4b95c30f5591c644b1c07

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
last-modified: Tue, 03 Aug 2021 15:08:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORGDiWp1ibCQlbJTZJ2pxAR2KA50YF89MXQkJ8ITE3tpai6d43kURuzFca0eeZ36ktZdJQLWezveBiwp5Bgf5iu0t0Fdq1K7e3vVoO0D5XPEz%2Fv3Q4mGLbZlWJUCI9Ze30wH2JAN%2BNLQDAAUAZPaHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 679076745aa14e0e-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:08:41 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 2 KB
996 B 576ms
542ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery36007625346405701499_1628003318642&q=https%3A%2F%2Fheadline.mtfj.net%2Frss%2Fsafe.xml%2Chttps%3A%2F%2Fheadline.mtfj.net%2Frss%2Fnews_safe.xml&num=2&_=1628003318643
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4659031891bafc2ea1d492464f6304a4ab4014b02cf94716dc17ca96793d4448

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
last-modified: Tue, 03 Aug 2021 15:08:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ux3vCGkWyQsfd%2FcGbXkATP5bmE3qbudjU9SUG7XLWiSoYfL%2FrMCbz4ANSMrxa5cjVaNNIHArJOWnWiMgDjR1V%2BbrL9ZdmWj%2F08vntqSFBGthsr2fkSn5d%2BlPe4LRNsfJ0Wat5RZxqZVifB0jBDQ6Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 679076745aa34e0e-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:08:41 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 2 KB
1 KB 569ms
535ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery36007625346405701499_1628003318644&q=https%3A%2F%2Ffeed.lliy.biz%2Fcategory%2Fnews-owata-net-com%2Ffeed%2F&num=4&_=1628003318645
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 01ac0b8e84e2e1291f832e521a0382c7bd8a93dcfbdc0514b3ed5a02e607f1c7

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
last-modified: Tue, 03 Aug 2021 15:08:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TkY%2Bez%2BF4P2nHKG7zS24BRHFx9j51a0hERbldpx1kTz%2B6zAnmZ1Sbrrg0fKz%2BaG9BxGM%2FbnZRzHuJWTutA%2BRC0u3eH%2FncrI0QEphqrG9QvPzY7neMsB86PnVx1hyW5f%2BXZGj%2BKFiJGBR4hEfslT3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 679076745aa54e0e-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:08:41 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 2 KB
1 KB 556ms
555ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery36007625346405701499_1628003318646&q=http%3A%2F%2Ftokkaban.com%2F%3Ffeed%3Dnews%2Chttp%3A%2F%2Ftokkaban.com%2Ffeed&num=1&_=1628003318647
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4fdf598bdfa945144137fd55cc9fd8fc86e29219e3e78e315734bcf72f1bcd0c

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
last-modified: Tue, 03 Aug 2021 15:08:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTmziyCvWrWJC3tDkKdWPDgEvel8EV4iY2iBIP7oMTc7%2Fe185VldAtfT5%2FebhDZ6skjnH97lkT49IXHT16xPv0Hcq9P0d8xYyEEFU0rcVnfIeijXnkkgL9u7PEocuPHV0xYT%2Bciit47HazOMjMmbSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 679076748b574e0e-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:08:41 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 2 KB
977 B 535ms
533ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery36007625346405701499_1628003318648&q=https%3A%2F%2F2channeler.com%2Frss%2Ffeed_20.xml%2Chttps%3A%2F%2F2channeler.com%2Frss%2Ffeed_10.xml&num=2&_=1628003318649
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 60e627b061c0458373f2c4f81b1aa777ee898fbfc1de98a7c1766ba736ff6d90

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
last-modified: Tue, 03 Aug 2021 15:08:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUQ3q5JltoA%2BAnXiuOGXvae7FLYwjAKeDv3TMDavVieXtA6xTmiysFqVlo1mwLhYZBSKFhb5z0O4HPvQHkbM3xhg8z4lcaZ6idqd0HldxrVz93NByvbfJyC7bIzshWZgeGY5EFA2EiPBnxObPTDLeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 679076748b594e0e-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:08:41 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 3 KB
1 KB 562ms
560ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery36007625346405701499_1628003318650&q=https%3A%2F%2Fwarotanien.net%2Ffeed&num=2&_=1628003318651
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: aa86d8de79bb079f356f46778a7ae56a9c5131fe0064cbdf7e946b59ae2672b3

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
last-modified: Tue, 03 Aug 2021 15:08:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FyReYNeTGy9X6OSehdJh2I%2BkpUU1etaCGFgs3GIt2IvyYsnxM4t5ebKFtD0jZ5mngTUmBtg%2FQkCCVwZ3b1i%2Ben848D29GtNSOzrZtF8V2mKDKc6QEG3uj7Wvxu8x33vY4RzGW0s7bYt%2BagxCaE2CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 679076748b5a4e0e-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:08:41 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 22 KB
6 KB 557ms
556ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery36007625346405701499_1628003318652&q=https%3A%2F%2Fnewpuru.com%2Frss%2Fnews-noadult.xml%2Chttps%3A%2F%2Fheadline.mtfj.net%2Frss%2Fnews_safe.xml%2Chttps%3A%2F%2F2channeler.com%2Frss%2Ffeed_20.xml%2Chttps%3A%2F%2Ffeed.lliy.biz%2Fcategory%2Fnews-owata-net-com%2Ffeed%2F%2Chttp%3A%2F%2Ftokkaban.com%2F%3Ffeed%3Dnews%2Chttps%3A%2F%2Fwarotanien.net%2Ffeed&num=6&_=1628003318653
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fbff6753a3068fe064dee668f39e1cff9f2d522b9f1bd90d9fa4e331aa1c7bd4

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
last-modified: Tue, 03 Aug 2021 15:08:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gj4uRblBFqA50uYWo22k8OToGN%2Bp1ryIaSTQ1fky2mdRwIqZegI%2FOMSlT0FDoI1zkIuxHzmVNMPh%2FsucUVkpfCv79zaz%2FljWEcODbMd4M2xG2sZqEVv5BtHfr1MmZ55E6UTT72w2PHbdhVmFswMBUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 679076748b5d4e0e-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:08:41 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 20 KB
5 KB 558ms
557ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery36007625346405701499_1628003318654&q=https%3A%2F%2Fnewpuru.com%2Frss%2F2ch-noadult.xml%2Chttps%3A%2F%2Fheadline.mtfj.net%2Frss%2Fvip_safe.xml%2Chttps%3A%2F%2F2channeler.com%2Frss%2Ffeed_10.xml%2Chttps%3A%2F%2Ffeed.lliy.biz%2Fcategory%2Fnews-owata-net-com%2Ffeed%2F%2Chttp%3A%2F%2Ftokkaban.com%2F%3Ffeed%3D2ch%2Chttps%3A%2F%2Fwarotanien.net%2Ffeed&num=6&_=1628003318655
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9a2a73e53d1ef7e569c68c3885fbf26c3fa895e5b724c2f79c40cf26f4919273

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
last-modified: Tue, 03 Aug 2021 15:08:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLoL7sOzxqPFG8vvpsQp4LdIhCalwsJg%2BAlMETQOE309eYxFMXRxklGHvbSTUE4Wx2Iqmx7Ga1ciooSVJJ1xaeXFyr1qbsOf0aYb0Aa0Qx2y%2FStoqFxE2wuNlCyT7Vs36awYubDzVBpjUqcADu8BGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 679076748b5f4e0e-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:08:41 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 11 KB
4 KB 560ms
558ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery36007625346405701499_1628003318656&q=https%3A%2F%2Fvtuberantenna.com%2Ffeed%2Chttps%3A%2F%2Fwarotanien.net%2Farchives%2Fcategory%2Fgame%2Ffeed%2Chttps%3A%2F%2Fwarotanien.net%2Farchives%2Fcategory%2Fanime%2Ffeed%2Chttp%3A%2F%2Fnews-choice.net%2Fanige%2Findex.rdf%2Chttp%3A%2F%2Fnews-choice.net%2Fgame%2Findex.rdf%2Chttp%3A%2F%2Fmatometatta-news.net%2Fanige%2Findex.rdf%2Chttp%3A%2F%2Fmatometatta-news.net%2Fsousaku%2Findex.rdf%2Chttp%3A%2F%2Fbesttrendnews.net%2Fanime%2Findex.rdf%2Chttp%3A%2F%2Fbesttrendnews.net%2Fgame%2Findex.rdf%2Chttp%3A%2F%2Fnews-three-stars.net%2Fotaku%2Findex.rdf%2Chttp%3A%2F%2Fnews-three-stars.net%2Fsousaku%2Findex.rdf%2Chttp%3A%2F%2Fantennabank.com%2Fanime%2Findex.rdf%2Chttp%3A%2F%2Fantennabank.com%2Fhobby%2Findex.rdf%2Chttp%3A%2F%2Fafo-news.com%2Fanige%2Findex.rdf%2Chttp%3A%2F%2Fafo-news.com%2Fsousaku%2Findex.rdf%2Chttp%3A%2F%2Fkonowaro.net%2Fanime%2Findex.rdf%2Chttp%3A%2F%2Fkonowaro.net%2Fgame%2Findex.rdf%2Chttp%3A%2F%2Fwebnew.net%2Fanime%2Findex.rdf%2Chttp%3A%2F%2Fwebnew.net%2Fgame%2Findex.rdf%2Chttps%3A%2F%2Fnewpuru.com%2Frss%2Fotaku-noadult.xml%2Chttp%3A%2F%2F0matome.com%2Ffeed%2Fmanga.xml%2Chttp%3A%2F%2Fpuu-antenna.com%2Farchives%2Fcategory%2Fotaku%2Ffeed%2Chttps%3A%2F%2Fnew2.jp%2Ffeeds%2Fanime-game.xml&num=1&_=1628003318657
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3a0e75996c3d46bc700f5afe72b5ca7518c8922bfb7bf2533da0e9c81764549b

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
last-modified: Tue, 03 Aug 2021 15:08:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OpQPebRXiO9NC4arRLW1ppgKQG6JAQ42B6MFwnqjn85QheQxr8jmXrz3qxNCr8jXh3I9pVdbgk7oXukPTZhoZa8vxgdBZu19F9NTasawu6K41zGxLPnl2GwNIC9wfucVLKnHXrK7O%2Fr7uvnn7o%2BQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 679076748b604e0e-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:08:41 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 48 KB
9 KB 575ms
574ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery36007625346405701499_1628003318658&q=https%3A%2F%2Fvtuberantenna.com%2Ffeed%2Chttps%3A%2F%2Fwarotanien.net%2Farchives%2Fcategory%2Ftalent%2Ffeed%2Chttps%3A%2F%2Fwarotanien.net%2Farchives%2Fcategory%2Fvoice-talent%2Ffeed%2Chttp%3A%2F%2Fnews-choice.net%2Fgeino%2Findex.rdf%2Chttp%3A%2F%2Fnews-choice.net%2Fsports%2Findex.rdf%2Chttp%3A%2F%2Fmatometatta-news.net%2Fyakyu%2Findex.rdf%2Chttp%3A%2F%2Fmatometatta-news.net%2Ffoot%2Findex.rdf%2Chttp%3A%2F%2Fbesttrendnews.net%2Fgeinou%2Findex.rdf%2Chttp%3A%2F%2Fbesttrendnews.net%2Fbase%2Findex.rdf%2Chttp%3A%2F%2Fnews-three-stars.net%2Fbase%2Findex.rdf%2Chttp%3A%2F%2Fnews-three-stars.net%2Fgeisupo%2Findex.rdf%2Chttp%3A%2F%2Fantennabank.com%2Fsports%2Findex.rdf%2Chttp%3A%2F%2Fantennabank.com%2Fgeinou%2Findex.rdf%2Chttp%3A%2F%2Fafo-news.com%2Fgeinou%2Findex.rdf%2Chttp%3A%2F%2Fafo-news.com%2Fbase%2Findex.rdf%2Chttp%3A%2F%2Fkonowaro.net%2Fyakyu%2Findex.rdf%2Chttp%3A%2F%2Fkonowaro.net%2Fgeinou%2Findex.rdf%2Chttp%3A%2F%2Fwebnew.net%2Fbase%2Findex.rdf%2Chttp%3A%2F%2Fwebnew.net%2Fgeinou%2Findex.rdf%2Chttps%3A%2F%2Fnewpuru.com%2Frss%2Fentame-noadult.xml%2Chttp%3A%2F%2F0matome.com%2Ffeed%2Fshowbiz.xml%2Chttp%3A%2F%2Fpuu-antenna.com%2Farchives%2Fcategory%2Fgeinou%2Ffeed%2Chttps%3A%2F%2Fnew2.jp%2Ffeeds%2Fgeino-sports.xml&num=1&_=1628003318659
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 31f6e6c579a8ff2b68df6a0835b6cc55e6e127da579b3015db8529c3ad25cc6e

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
last-modified: Tue, 03 Aug 2021 15:08:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fa8eLIU%2FYykRXHf9%2FHyfU2u2K9anOpysx9pWAXFH8WO9swHh%2B73Ur7XQyKE30Tvs8PZwTnHf%2BpvXp%2Fzei5HG135pedFhd2JbVx1fuo8Odd6aO%2FiWTSLrgKAmSmuFhSLPByOLx%2Fra46vkfxzzw5tcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 679076748b624e0e-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:08:41 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 2 KB
1021 B 571ms
570ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery36007625346405701499_1628003318660&q=https%3A%2F%2F2channeler.com%2Ffeed.cgi%3Fcode%3D1880%2Chttps%3A%2F%2F2channeler.com%2Ffeed.cgi%3Fcode%3D1818%2Chttps%3A%2F%2Ffeeds.mtmx.jp%2Fsites%2F2405%2Ffeed.xml%2Chttps%3A%2F%2Ffeeds.mtmx.jp%2Fsites%2F2544%2Ffeed.xml&num=1&_=1628003318661
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 25897b37917ec3d56c2532ea78e2420c36b08af75b8af7bd94d1bd0d1a0ea4fb

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
last-modified: Tue, 03 Aug 2021 15:08:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hphzDWtjoFS%2Bb4wtJxutEulGaAFkaL16xRz6rzXo3B3uA2oQ5e9Ml6XEoLH581eDmsXcQOTJNw1rHp%2ByBoYYVSU1qvP6SRVoKzilM32KdyjNoCeIEIebLpt1Np51vEVY7xXjS71GTuzdcuJm3Z3v9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 679076748b644e0e-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:08:41 GMT

GET
H2 200 / Show response
feedrapp.lliy.biz/ 27 KB
5 KB 556ms
555ms Script
text/html 2606:4700:3033::6815:3978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedrapp.lliy.biz/?callback=jQuery36007625346405701499_1628003318662&q=https%3A%2F%2Fnewsoku.blog%2Farchives%2Fcategory%2Fsarscov2-covid19%2Ffeed&num=15&_=1628003318663
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1ne9zizo/hdd2r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 11c4b6aac8a71e3c7ea7ee134e871895f33ee8ce8481431b5f0b6145370b6a5a

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: unsafe-url
last-modified: Tue, 03 Aug 2021 15:08:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Lxv4zvB2kPNX3JTNlLaFckDPj1OBO4DlnR1T%2B2ANu0NcdOcqpm0TZOn09H6yg%2BCjgF%2BQCiyKSQCo6yE3SnwNsHQZKr3XxiOfIrkYPqMgcIrCSIbndJZwU%2BZH4QApEk8aIIo5ILnhw%2FFnd6AeO8UbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *, null
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 679076748b664e0e-FRA
access-control-allow-headers: Origin, Authorization, Accept
expires: Wed, 03 Aug 2022 15:08:41 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9006 3 KB
3 KB 13ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 18:02:54 GMT
x-content-type-options: nosniff
server: cafe
age: 75946
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 03 Aug 2021 18:02:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9006 344 B
368 B 12ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 22:40:25 GMT
x-content-type-options: nosniff
server: cafe
age: 59295
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 03 Aug 2021 22:40:25 GMT

GET
DATA 200
OK truncated
/ Frame D226 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 552c61b3b4d0d0e7b457353852c366ed67f863a524e2e1c5d1a2cbabedc42909

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 bg01.jpg
tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/ Frame D226 13 KB
13 KB 14ms
11ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/bg01.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb39bc66f48ae2764e26903a9e4ba387d4fb00254e72dcf76c8d663fb92504d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 22:04:22 GMT
x-content-type-options: nosniff
age: 579858
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13376
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:55 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 22:04:22 GMT

GET
H3-29 200 txtSprite.png
tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/ Frame D226 76 KB
76 KB 12ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/txtSprite.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46bdf98ce93980c477de96ced5a49b0c17a2b5207097506b76f1bfd413c8c22b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 22:04:22 GMT
x-content-type-options: nosniff
age: 579858
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77954
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 22:04:22 GMT

GET
H3-29 200 bg02.jpg
tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/ Frame D226 16 KB
16 KB 13ms
10ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/bg02.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6f458f491e7ecde0a4e60957a29acdb0aa2af0c9834a0a64bf349f7a949aca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 22:04:22 GMT
x-content-type-options: nosniff
age: 579858
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16135
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:55 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 22:04:22 GMT

GET
H3-29 200 bg03.jpg
tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/ Frame D226 17 KB
17 KB 16ms
14ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/bg03.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a8e4c86e7b057ed0163644164fa0538234308e226deb7934278a2b95a21da5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 22:04:22 GMT
x-content-type-options: nosniff
age: 579858
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17448
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:55 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 22:04:22 GMT

GET
H3-29 200 bg04.jpg
tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/ Frame D226 11 KB
11 KB 17ms
15ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/bg04.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

582a2d1e56d7d3d5b1016936f17c6546f8e0c83692062b426664b42594ce6ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 22:04:22 GMT
x-content-type-options: nosniff
age: 579858
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11369
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:55 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 22:04:22 GMT

GET
H3-29 200 legal.png
tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/ Frame D226 2 KB
2 KB 15ms
13ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/legal.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f40816c8f9caab013dce5ea0926b5c38b2bee51036d6dfe642f79e8c2f6510b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 22:04:22 GMT
x-content-type-options: nosniff
age: 579858
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2208
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 22:04:22 GMT

GET
H3-29 200 cta.png
tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/ Frame D226 3 KB
3 KB 18ms
16ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/cta.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8365b5198a29f1254f938c7863af48baae82a54572e497b86480936860336aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 22:04:22 GMT
x-content-type-options: nosniff
age: 579858
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3511
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 22:04:22 GMT

GET
H3-29 200 logo.png
tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/ Frame D226 2 KB
2 KB 16ms
14ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/logo.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3797f447bfc7d0b40b680141d493479c6017d494fd2c711b7d50fdb86d9a2809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 22:04:22 GMT
x-content-type-options: nosniff
age: 579858
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2372
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 22:04:22 GMT

GET
H3-29 200 w.png
tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/ Frame D226 460 B
485 B 15ms
13ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3176179925942100807/Honda_Jazz_Conversion_CC_Flexiblity_300x250_DCM/w.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396a64dbad0329e4c3687da65342ca6b1633e0adfebb5ccbdf52a79e8bb28d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 22:04:22 GMT
x-content-type-options: nosniff
age: 579858
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 460
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 22:04:22 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 9196 1 KB
860 B 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319374&bpp=4&bdt=1050&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=whexCSxYcg&p=https%3A//newsoku.blog&dtd=12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:01:57 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame 9196 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319374&bpp=4&bdt=1050&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=whexCSxYcg&p=https%3A//newsoku.blog&dtd=12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 9196 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319374&bpp=4&bdt=1050&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=whexCSxYcg&p=https%3A//newsoku.blog&dtd=12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:04:56 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9196 124 KB
37 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319374&bpp=4&bdt=1050&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=whexCSxYcg&p=https%3A//newsoku.blog&dtd=12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:40 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:40 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 9196 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319374&bpp=4&bdt=1050&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=whexCSxYcg&p=https%3A//newsoku.blog&dtd=12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:05:19 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 9196 0
0 26ms
22ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRiKa9Z74Atf0ktqnHn6lqGhrdWYKDqoC8AVtPmjh8EaX7TjB8hu3KdewQHZxx_vHGaRyWr
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319374&bpp=4&bdt=1050&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=whexCSxYcg&p=https%3A//newsoku.blog&dtd=12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 42d1b86cb875341df5a163347562cfa0.js Show response
www.gstatic.com/mysidia/ Frame 9196 26 KB
11 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42d1b86cb875341df5a163347562cfa0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319374&bpp=4&bdt=1050&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=whexCSxYcg&p=https%3A//newsoku.blog&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 22:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10795
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 22:14:05 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 14C2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

40ms
40ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnpraTetqlVkU_G3jnDAUJh4FGdJw4G62iUY20vXQtihzbW2vfEAY-I2DFvSb8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 03 Aug 2021 15:08:40 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 03-Aug-2021 16:08:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 03 Aug 2021 15:08:40 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 03 Aug 2021 15:08:40 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8017557906341533597/ Frame 9196 29 KB
29 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8017557906341533597/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319374&bpp=4&bdt=1050&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=whexCSxYcg&p=https%3A//newsoku.blog&dtd=12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70b315f4b1ab5a1d1114714f2e4a21b5652e4ec55a09ea3d2fb3e55254429b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 05:17:38 GMT
x-content-type-options: nosniff
age: 294662
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29937
x-xss-protection: 0
last-modified: Tue, 13 Aug 2019 09:10:38 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Jul 2022 05:17:38 GMT

GET
DATA 200
OK truncated
/ Frame 9196 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9196 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsFWy91sJYcyIGcea-wbe6rfgBNHrk6Za-u_Q248K6Kq2lYsDEAEg3J6hMWCVAqABhP67_APIAQmpApb4Vkes8rM-qAMByAPLBKoEzwFP0GGR48Ovp6ibJ3nTfH2_3SRbkRdBi6IxT8P3qx8HYJNVRocgNect4xOu_XBZj5onciFA-7zgRgz9ByyTN-ikq04xQzzZ5WEAVAYGro-0_TSyu8yLVcwdZuWFeseYdVrS0c8LDIiWkqAml1eDfzhAY4PtV5uCj80cDZhthr97RA9ezn7BJ1AfbKgYdOufpt6dvpdacwabzNgtO_3DZ2sTNlenBtVqbtXCvtZTFHXwKPVf9EKzvvE99bUeLIV7_QEBZgAJ92XqLAsxBn6IHybABOnNgrikApIFBAgEGAGSBQQIBRgEoAYugAfkgcQDqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPbrAtIICQiA4YBwEAEYH4AKAcgLAdgTDYgUAtAVAYAXAbIXGgoYCAASFHB1Yi00MTEwMjE0OTI5MjEwMjQ0&sigh=E8VHK1k1cW4&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319374&bpp=4&bdt=1050&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=whexCSxYcg&p=https%3A//newsoku.blog&dtd=12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319374&bpp=4&bdt=1050&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=whexCSxYcg&p=https%3A//newsoku.blog&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 03 Aug 2021 15:08:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9196 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8ec2dc0c4be3e5fc619defcf1ad621da4b82e1ede50060cfa2d1b8ded6df921

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9196 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 11319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:00:01 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9196 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 01:45:21 GMT
x-content-type-options: nosniff
age: 48199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 01:45:21 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5697 70 KB
24 KB 28ms
26ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

eaef7318763f1b2b04f86fd3ab0ee028f8ce31f53f3e2eaf8f098bdb0fce0897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "947 / 419 of 1000 / last-modified: 1627988914"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24727
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ 43 B
443 B 1050ms
251ms Image
image/gif 103.142.125.195
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=4YQlb-BzJ_sCpQ3tdB3Fl7TPTG_hoaWpKHQRkdaeFx4g8tlUU4juzYkIZjWN-Y6WSBx_Kg18_QszVCIIjFBDbYShk_5NQHc6FO1hxrOM_gnpCH45SHili8DMamdkJY0OZ4yizQ3AjjnwoO63JBBCY2DtRQYDTA4N7QBCOa4pOVFg
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.142.125.195 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:41 GMT
Server: Apache
Connection: close
Content-Type: image/gif
Content-Length: 43
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D226 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 18:02:54 GMT
x-content-type-options: nosniff
server: cafe
age: 75946
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 03 Aug 2021 18:02:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D226 344 B
368 B 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 22:40:25 GMT
x-content-type-options: nosniff
server: cafe
age: 59295
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 03 Aug 2021 22:40:25 GMT

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame 630F 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=2970979162&adk=3236041453&adf=2420973902&pi=t.ma~as.2970979162&w=1106&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=1106x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319374&bpp=4&bdt=1050&idt=4&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=whexCSxYcg&p=https%3A//newsoku.blog&dtd=12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 09:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 09:00:12 GMT

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame C2CF 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 09:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 09:00:12 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 697C 70 KB
24 KB 29ms
28ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

eaef7318763f1b2b04f86fd3ab0ee028f8ce31f53f3e2eaf8f098bdb0fce0897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "947 / 634 of 1000 / last-modified: 1627988914"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24727
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ 43 B
443 B 1006ms
251ms Image
image/gif 103.142.125.195
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=4YQlb-CSJo0BfBcmYDG_vrSoSyEjEmQKgrSDBMlhgbYHu66D2CniDyR4ESr_tAAWLaNEJjdgZq9UzQbLRHgMcv-QAAoo8h1rZ73-dtAt8stEbBhmJ0h7LugnWWoDdRK-HC2uD6Ck6GaflBwWIOddciu92rZg6S7TbHgIeuyIhdIg
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.142.125.195 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:41 GMT
Server: Apache
Connection: close
Content-Type: image/gif
Content-Length: 43
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F34D 70 KB
24 KB 35ms
33ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

eaef7318763f1b2b04f86fd3ab0ee028f8ce31f53f3e2eaf8f098bdb0fce0897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "947 / 347 of 1000 / last-modified: 1627988914"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24727
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ 43 B
443 B 988ms
251ms Image
image/gif 103.142.125.195
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=4YQlb-CsYGsDGvK6GxT6RctLst_RWjz9mvI0BtALnGYlLl79aCcREgaCIkh9abajabmFi4ib79LFtoyDC89qWT15p8dk9NGOyFZ2QhAjAdZmiiZd5bidq6AxmN74npqK0CNdEoJC1l1dZPqfaPGcxtBWUoKg593OTp42QS0b4-8I
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.142.125.195 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:41 GMT
Server: Apache
Connection: close
Content-Type: image/gif
Content-Length: 43
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/pc/ 43 B
625 B 741ms
243ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/pc/asr

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:41 GMT
Server: Apache
Strict-Transport-Security: max-age=3600
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/gif
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H2 200 0.gif
counter1-cdn-ssl.fc2.com/cimg/99/00000699/ 848 B
1 KB 87ms
22ms Image
image/gif 178.79.242.41
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/99/00000699/0.gif

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.242.41 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-242-41.fra.llnw.net

Software

nginx /

Resource Hash

ba2820b0e1ef34d6e7b3cedae73f5cacd148e50d1cde26f45049b1aeeb5f012b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Apr 2006 19:01:49 GMT
server: nginx
age: 2663077
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 848
x-llid: 76b76919fbe5adccf852628cbdb79961
expires: Tue, 03 Aug 2021 19:24:04 GMT

GET
H2 200 5.gif
counter1-cdn-ssl.fc2.com/cimg/99/00000699/ 848 B
1 KB 23ms
22ms Image
image/gif 178.79.242.41
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/99/00000699/5.gif

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.242.41 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-242-41.fra.llnw.net

Software

nginx /

Resource Hash

abdf77d7d21070b537ca17c17dd4a569b3ac19b32af7a5a7d797d99781123fbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Apr 2006 19:01:49 GMT
server: nginx
age: 1620828
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 848
x-llid: ba7f92eb1c75ba13f9123af57b4b62a9
expires: Sun, 15 Aug 2021 20:54:53 GMT

GET
H2 200 7.gif
counter1-cdn-ssl.fc2.com/cimg/99/00000699/ 847 B
1 KB 22ms
21ms Image
image/gif 178.79.242.41
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/99/00000699/7.gif

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.242.41 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-242-41.fra.llnw.net

Software

nginx /

Resource Hash

2fdc1be927c5fc7bbe9e2d1f556e0abef235d7f04b14056c7e5a53dca617cfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Apr 2006 19:01:49 GMT
server: nginx
age: 930931
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 847
x-llid: c9717f286d7969ac5176106a4b9a36b2
expires: Mon, 23 Aug 2021 20:33:10 GMT

GET
H2 200 6.gif
counter1-cdn-ssl.fc2.com/cimg/99/00000699/ 847 B
1 KB 24ms
23ms Image
image/gif 178.79.242.41
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/99/00000699/6.gif

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.242.41 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-242-41.fra.llnw.net

Software

nginx /

Resource Hash

032d7424ff8648f023de44b87fecd221968b9e3452d64ad8b39867381d8ad53c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Apr 2006 19:01:49 GMT
server: nginx
age: 1794568
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 847
x-llid: 9ca37f6db53f04863cccff0de3f9b0ce
expires: Fri, 13 Aug 2021 20:39:13 GMT

GET
H2 200 3.gif
counter1-cdn-ssl.fc2.com/cimg/99/00000699/ 848 B
1 KB 23ms
22ms Image
image/gif 178.79.242.41
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/99/00000699/3.gif

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.242.41 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-242-41.fra.llnw.net

Software

nginx /

Resource Hash

6300d6629cba686ceec6b44c979a8c83127baa72d2fa10374aeb41005d4002db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Apr 2006 19:01:49 GMT
server: nginx
age: 1485994
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 848
x-llid: 0443614a83bdf52b55e04002499a6004
expires: Tue, 17 Aug 2021 10:22:07 GMT

GET
H2 200 8.gif
counter1-cdn-ssl.fc2.com/cimg/99/00000699/ 848 B
1 KB 24ms
22ms Image
image/gif 178.79.242.41
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter1-cdn-ssl.fc2.com/cimg/99/00000699/8.gif

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.242.41 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-242-41.fra.llnw.net

Software

nginx /

Resource Hash

d684ec10181e9bb78ff9c4fcc690967c7ad4eab281df878155b060e97a08c5da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Apr 2006 19:01:49 GMT
server: nginx
age: 2154752
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 848
x-llid: e3147b87729a9aba91a89593940ed49c
expires: Mon, 09 Aug 2021 16:36:09 GMT

GET
H3-29 200 pubads_impl_2021072901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5697 325 KB
113 KB 28ms
28ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 08:44:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116135
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H2 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame 7326 3 KB
3 KB 567ms
297ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000090646
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 2747
expires: Tue, 03 Aug 2021 16:08:41 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ 43 B
443 B 946ms
251ms Image
image/gif 103.142.125.195
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=4YQlb-DmjP8CAQ0D1UUae5l1g-2_-XFkUaYo7677rEIRhSMuotnZCGIs-ztfi-fLVjQOy8KxTuXODEnBZ3DrIh-Gp-9GOAOLwyDSKE7dycwCLOM3mgrMut7kG4ar6D7oot2VCObkEzci1qv2FiQfnoMg9uj-GRXUKjjzK1IS7ujA
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.142.125.195 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:41 GMT
Server: Apache
Connection: close
Content-Type: image/gif
Content-Length: 43
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"

GET
H3-29 200 pubads_impl_2021072901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 697C 325 KB
113 KB 28ms
27ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 08:44:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116135
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H3-29 200 pubads_impl_2021072901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F34D 325 KB
113 KB 30ms
30ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 08:44:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116135
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H3-29 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 5697 56 KB
21 KB 20ms
19ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a058429f767d4eed8439da0f4b34868c79bab6909a2a3597916a90d7ed0664fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3007
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21516
x-xss-protection: 0
server: cafe
etag: 12513454152211517807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 15:18:34 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ Frame 5697 107 B
853 B 37ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5697 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5697 65 KB
21 KB 361ms
360ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3243664874205352&correlator=221827735506290&output=ldjh&impl=fifs&eid=31060033%2C31061165%2C20211866%2C31061691%2C31061693&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210803&iu_parts=34264398%2Cadstir_10509_82749_223620&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1628003321&dt=1628003321194&dlt=1628003320743&idt=415&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=280&oid=3&adxs=815&adys=6094&adks=159821761&ucis=on3ae6ogzoa1&ifi=1&ifk=1728655455&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnewsoku.blog%2F&ref=https%3A%2F%2Fnewsoku.blog%2F&top=https%3A%2F%2Fnewsoku.blog%2F&rumc=3243664874205352&rume=1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x280&msz=336x0&ga_vid=618322628.1628003321&ga_sid=1628003321&ga_hid=2010454438&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a7fa4fe1baf1143b8ca47e70cb1ef29a05bdbd9905a2de83b865d74345fa076f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21002
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsoku.blog
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 100A 6 KB
3 KB 46ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:08:41 GMT
expires: Wed, 03 Aug 2022 15:08:41 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5697 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=newsoku.blog&doc=complete&pg_h=280&pg_w=336&pg_hs=280&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5697 0
348 B 115ms
37ms Ping
image/gif 2a00:1450:4010:c0a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~krw75667&c=3243664874205352&e=31060033%2C20211866%2C31061691%2C31061693&ctx=1&met.9=1.9m~2.bj&met.1=1.krw755t3~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0&met.7=CDsQChgBIAMoAzDPAjjLAmixAnDMAnihwgGAAZfBAYgBz60EsAEBuAEDwAHizeqWCQ~CA4QChgBINsCKNsCMIwDODFo3AJw9wJ43osHgAGniweIAdCqFLABAbgBA8ABu4rWSw~CCgQChgBIK8DKK8DMMUDOBZosQNwxAN4qKgBgAGMqAGIAd--A7ABAbgBA8ABm-H6cA~CC8QBxgBILgDKLgDMMoDOBJougNwyQN4pQGAAWSIAWuwAQG4AQPAAZv_iccH
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4010:c0a::5e Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 697C 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 697C 63 KB
20 KB 350ms
350ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3215286206287082&correlator=1350072426499628&output=ldjh&impl=fifs&eid=31060439%2C31061181%2C20211866%2C31062064&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210803&iu_parts=34264398%2Cadstir_10509_82749_223350&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1628003321&dt=1628003321253&dlt=1628003320781&idt=448&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=280&oid=3&adxs=256&adys=1728&adks=990452131&ucis=s6xh9a2aqwyp&ifi=1&ifk=1728655455&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnewsoku.blog%2F&ref=https%3A%2F%2Fnewsoku.blog%2F&top=https%3A%2F%2Fnewsoku.blog%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x280&msz=336x0&ga_vid=1768794540.1628003321&ga_sid=1628003321&ga_hid=2127069500&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

491cd918bd3246b23e93574abfcd5200eb3649fb095d4a7e20f7f068bc53a90a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20722
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsoku.blog
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4F25 6 KB
3 KB 27ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:08:41 GMT
expires: Wed, 03 Aug 2022 15:08:41 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ Frame F34D 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame F34D 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F34D 62 KB
20 KB 313ms
313ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1366492352355720&correlator=3054489063656780&output=ldjh&impl=fifs&eid=20211866%2C31062064&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210803&iu_parts=34264398%2Cadstir_10509_82749_223351&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1628003321&dt=1628003321305&dlt=1628003320972&idt=307&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=280&oid=3&adxs=256&adys=5334&adks=4214609656&ucis=p8vwldh7kdn0&ifi=1&ifk=1728655455&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnewsoku.blog%2F&ref=https%3A%2F%2Fnewsoku.blog%2F&top=https%3A%2F%2Fnewsoku.blog%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x280&msz=336x0&ga_vid=397266243.1628003321&ga_sid=1628003321&ga_hid=2000881342&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

5c6f3625274ab1e5a5aa63dce9d78aaf5207ac380604e7cad469d18bab46406a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20391
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsoku.blog
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7543 6 KB
3 KB 27ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:08:41 GMT
expires: Wed, 03 Aug 2022 15:08:41 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 514E 70 KB
24 KB 37ms
37ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

89fabdb338f961ada69fc54d26edeb61a3aaefac4e51206f47789bb47827264f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "947 / 308 of 1000 / last-modified: 1627988989"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24733
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ 43 B
443 B 988ms
251ms Image
image/gif 103.142.125.195
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=4YQlb-RVl58CDcfOXRmUo5yMc6Z9k4OaIhCW5gPjkg_1BOZTFlrhAvhX3mbPT1WXsjaW0C0NCBrevgXGmFfDPs9rVYu3Z8-dfdCQw1pe8caYQ9cqF7Mus3eyi5wZGHwLil6tAnyLJyqvb0mXv3KPhDHQtAPqmi3esFfHNt9E40-k
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.142.125.195 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:08:42 GMT
Server: Apache
Connection: close
Content-Type: image/gif
Content-Length: 43
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"

GET
H3-29 200 pubads_impl_2021080201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 514E 328 KB
114 KB 28ms
27ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062124

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

f19ec923daf7d72e5f2f155ba6229ffde0afd953ce121b44c1ad55e332db58f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Aug 2021 08:47:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116893
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H3-29 200 container.html Show response
b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6B43 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:08:41 GMT
expires: Wed, 03 Aug 2022 15:08:41 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5697 73 KB
27 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903448373927"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5697 11 KB
8 KB 29ms
28ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3191b46c3e68fc6e7da713a04e64f257e5eea0ae0b4b477031a1b885d9e83130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8602
x-xss-protection: 0

GET
H3-29 200 container.html Show response
04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA84 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:08:41 GMT
expires: Wed, 03 Aug 2022 15:08:41 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 697C 73 KB
27 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903448373927"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 697C 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f62621fd526781abbdedb404cd5fce6486e8e68933bfc761cd9117c36e3cc714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8661
x-xss-protection: 0

GET
H3-29 200 container.html Show response
352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 175E 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:08:41 GMT
expires: Wed, 03 Aug 2022 15:08:41 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F34D 73 KB
27 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903448373927"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F34D 11 KB
8 KB 32ms
32ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0221299ca1ddedab7893318b8f9b2b070e0a829f321510cb2892b376f0ee3e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8640
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5697 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ Frame 514E 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062124

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 514E 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsoku.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062124

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 514E 62 KB
20 KB 303ms
302ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2415913545197954&correlator=1182429048311322&output=ldjh&impl=fifs&eid=31062030%2C31062051%2C31062124%2C20211866%2C31062065&vrg=2021080201&ptt=17&sc=1&sfv=1-0-38&ecs=20210803&iu_parts=34264398%2Cadstir_10509_82749_223618&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3D2ff90714cab422f9%3AT%3D1628003321%3AS%3DALNI_MYE3g7M7-v5JNgheDtEX6B9L0mxyw&bc=31&abxe=1&lmt=1628003321&dt=1628003321709&dlt=1628003321500&idt=188&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=280&oid=3&adxs=256&adys=7338&adks=3029384592&ucis=coahm7lowi6e&ifi=1&ifk=1728655455&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fnewsoku.blog%2F&ref=https%3A%2F%2Fnewsoku.blog%2F&top=https%3A%2F%2Fnewsoku.blog%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x280&msz=336x0&ga_vid=1627860737.1628003322&ga_sid=1628003322&ga_hid=1226957509&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062124

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

6618eded05d8bf560343ef87772a0152b51d2374fc06121c9b2bff1542df78e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19975
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsoku.blog
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B34D 6 KB
3 KB 27ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062124

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:08:41 GMT
expires: Wed, 03 Aug 2022 15:08:41 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 697C 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F34D 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9196 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcKSVh04JERx2zFuY_UzcbsmNn1u-A20Btt1TTvsW_I1N5HAI3EXAZCNYKQkWPbHGomFCNlTHJ1xf2iO9uYkRfceqFQYMTTbRj4JqKFwBn8nwAPvPFzeQ1sCK4FA&sai=AMfl-YTqO-vJlvf4Rk2Jz00LJ14RY_mQCiVhFbcqW4gkcMCDV6MWfroUEam-RqjRwE5IXhBiZcjOZGlIOuACK5wspPlyYq3wB5n0VJjd9B17iTZqhbrtiSU-GPlnOmE&sig=Cg0ArKJSzOZcVEOkxcQwEAE&cid=CAASPeRowQW13y0MMGZGT5ex4wlsgwGbkBfANLXyJEvbmridecANTpJJ7LB9lc5EXFAh8k7P63tPlr9QnLHphHs&id=lidar2&mcvt=1022&p=864,247,1144,1353&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20210802&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3236041453&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628003319391&dlt=983&rpt=2&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
sh.adingo.jp/ Frame 7326 16 KB
6 KB 770ms
268ms Script
application/x-javascript 210.140.114.22
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000090646&href=https%3A%2F%2Fnewsoku.blog%2F&serial=71980982682727&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000090646

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

210.140.114.22 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

55da1af7798ece12a69be0e27d50b3d3578d4009c0ecf71aff8694b8528b4ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 03 Aug 2021 15:08:42 GMT
server: nginx
vary: Accept-Encoding
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
content-type: application/x-javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 359d8744270302c99802f1759c580b27.js Show response
www.gstatic.com/mysidia/ Frame 6B43 8 KB
3 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/359d8744270302c99802f1759c580b27.js?tag=client_fast_engine_2019

Requested by

Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24b46213f316c4339410661249924ae9ec8dc9cccb2a2ff3cba18212e879fa3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 22:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3505
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 22:19:55 GMT

GET
H3-29 200 f9f3c0a5b49ed63630987033d1c75e14.js Show response
www.gstatic.com/mysidia/ Frame 6B43 89 KB
33 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9f3c0a5b49ed63630987033d1c75e14.js?tag=location/location_extension_rda

Requested by

Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8f3e2854cce3c90cfd1c7113495237bec2faeab89f85330f94c505b02711f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 23:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33550
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 23:05:59 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 6B43 4 KB
618 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 15:01:04 GMT
server: ESF
date: Tue, 03 Aug 2021 15:08:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 6B43 1 KB
867 B 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:01:57 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame 6B43 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 6B43 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:04:56 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B43 124 KB
37 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 6B43 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:05:19 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 6B43 0
0 14ms
13ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTy4gK3pGtVyNDzekxpCnVZb7xyRbbZ55kX1ZzrG14bEUIroZOgfsFQI0kLAEoieIjVEcOx7AAd9bZHgCHUt__RZWirdA
Requested by: Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4491 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 03 Aug 2021 14:30:01 GMT
expires: Wed, 03 Aug 2022 14:30:01 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 00BD 783 B
529 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5a6e38e6b094757fceda18c7f4b08d76a240c59d74ba49747db5a29644cc9e7d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mhrvFlXI6yXxpSp84/reNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

expires: Tue, 03 Aug 2021 15:08:41 GMT
date: Tue, 03 Aug 2021 15:08:41 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-mhrvFlXI6yXxpSp84/reNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 359d8744270302c99802f1759c580b27.js Show response
www.gstatic.com/mysidia/ Frame DA84 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/359d8744270302c99802f1759c580b27.js?tag=client_fast_engine_2019

Requested by

Host: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
URL: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24b46213f316c4339410661249924ae9ec8dc9cccb2a2ff3cba18212e879fa3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 22:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3505
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 22:19:55 GMT

GET
H3-29 200 f9f3c0a5b49ed63630987033d1c75e14.js Show response
www.gstatic.com/mysidia/ Frame DA84 89 KB
33 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9f3c0a5b49ed63630987033d1c75e14.js?tag=location/location_extension_rda

Requested by

Host: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
URL: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8f3e2854cce3c90cfd1c7113495237bec2faeab89f85330f94c505b02711f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 23:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33550
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 23:05:59 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame DA84 4 KB
618 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
URL: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 15:07:15 GMT
server: ESF
date: Tue, 03 Aug 2021 15:08:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame DA84 1 KB
867 B 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
URL: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:01:57 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame DA84 18 KB
7 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
URL: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame DA84 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
URL: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:04:56 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA84 124 KB
37 KB 35ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
URL: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame DA84 14 KB
6 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
URL: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:05:19 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame DA84 0
0 14ms
13ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjql1djODKkDEmzYs2cSXCnMdI8bb6eb4g9_-86aYyvaixdX-dxFwgXt6VCO46tsSAZcRNPw_MpFyyO50S6G52pDL7MQ
Requested by: Host: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
URL: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7BFC 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 03 Aug 2021 14:30:01 GMT
expires: Wed, 03 Aug 2022 14:30:01 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CFB8 783 B
531 B 21ms
21ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

99c138202f220f26bc6441116f6e7e53b261a48709ad36546d0de945f418d3e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uL7/0MTltMJNkV20Xoirlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

expires: Tue, 03 Aug 2021 15:08:41 GMT
date: Tue, 03 Aug 2021 15:08:41 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-uL7/0MTltMJNkV20Xoirlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 359d8744270302c99802f1759c580b27.js Show response
www.gstatic.com/mysidia/ Frame 175E 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/359d8744270302c99802f1759c580b27.js?tag=client_fast_engine_2019

Requested by

Host: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
URL: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24b46213f316c4339410661249924ae9ec8dc9cccb2a2ff3cba18212e879fa3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 22:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3505
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 22:19:55 GMT

GET
H3-29 200 f9f3c0a5b49ed63630987033d1c75e14.js Show response
www.gstatic.com/mysidia/ Frame 175E 89 KB
33 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9f3c0a5b49ed63630987033d1c75e14.js?tag=location/location_extension_rda

Requested by

Host: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
URL: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8f3e2854cce3c90cfd1c7113495237bec2faeab89f85330f94c505b02711f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 23:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33550
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 23:05:59 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 175E 4 KB
618 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
URL: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 15:06:31 GMT
server: ESF
date: Tue, 03 Aug 2021 15:08:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 175E 1 KB
867 B 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
URL: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:01:57 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame 175E 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
URL: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 175E 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
URL: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:04:56 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 175E 124 KB
37 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
URL: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:41 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 175E 14 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
URL: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:05:19 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1AEC 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 03 Aug 2021 14:30:01 GMT
expires: Wed, 03 Aug 2022 14:30:01 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CADA 783 B
529 B 17ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d715818e1da0b1734752b170e87def4289e4598c02291de34b5f20c4bc0bc519

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UisiToLAnIBUJU1roA+lEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

expires: Tue, 03 Aug 2021 15:08:41 GMT
date: Tue, 03 Aug 2021 15:08:41 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-UisiToLAnIBUJU1roA+lEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 7498642122148101717
googleads.g.doubleclick.net/simgad/ Frame 6B43 2 KB
2 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/simgad/7498642122148101717?w=100&h=100

Requested by

Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43cebd3a608ebebdb9077fd9cb68e7d47941b5d10fcd7e41f7e05025db54a4b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:24:59 GMT
x-content-type-options: nosniff
age: 222222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1759
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 08:06:31 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Aug 2022 01:24:59 GMT

GET
H2 200 data=kpx91QJw0wgnxGPP1lfDhtmqINGpKwTPChe2kkrCFEXe70-TU_86u8gNhJhR3PBjoMIqjob2JyQCqPxyXBq-VOAlkY8LYKrglgIJBYgwlfLlRbadArJO5bnGfQ
mts0.google.com/vt/ Frame 6B43 28 KB
29 KB 27ms
7ms Image
image/png 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=kpx91QJw0wgnxGPP1lfDhtmqINGpKwTPChe2kkrCFEXe70-TU_86u8gNhJhR3PBjoMIqjob2JyQCqPxyXBq-VOAlkY8LYKrglgIJBYgwlfLlRbadArJO5bnGfQ

Requested by

Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

2423c9273ade507c8558a65499ee15ba19237cc11833e53a356fcd28179f0848

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:00:40 GMT
x-content-type-options: nosniff
age: 481
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29142
x-xss-protection: 0
x-server-version-bin: CggIBBCCwZ6IBg==
server: paintfe
etag: 0ba2018d6ffadd408
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Tue, 03 Aug 2021 16:00:40 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6B43 0
0 31ms
30ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CjsY2-VsJYdPCDpWZ-gbzwKXoDIib7qNi9ea1wtYM29keEAEgruHQMGD1lc6B4ASgAf7b9IoCyAEJqQL3yDUzVY-yPuACAKgDAcgDmwSqBOYBT9BRIEs9sgY1u2L8Tn9D9xEsTfxXTP4XsivbhG7Nolv3plKEZosX59dJLsJhfaQxjORVa0g8UQZAuTI_Yo8je3E6AymtDbZ1S8GB0N4ZPWofqrDhbKGlGHsego7wErmCQoWQIaOSave8r949LpTgbIUo-_pwScjInsZoeXa45KNf50JtAv7_1bZ6K_KJQjstf5eiUU2ivY6W5_yCUfRaCN2yfO8O3pVJ-Oe1Acq-KsbD877igISSnLRWCMbkKtumLnGsPqbZFzqI1MskARD3lO6A8Vr6UvQTb2r5v0HCsPuaB-bfc2rABNXThLagA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfqo4v1AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBD1pgLSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi05MDI4NTM2ODAyNzY5MzIxgAoDyAsBuBP0C9gTDYgUB9AVAYAXAbIXGgoYCAASFHB1Yi0yODAxMzI2OTkwNTY4NTA4&sigh=eDZuoeCE9yQ&template_id=1524
Requested by: Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6171 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 03 Aug 2021 03:09:05 GMT
expires: Wed, 04 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 43176
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 7498642122148101717
googleads.g.doubleclick.net/simgad/ Frame DA84 2 KB
2 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/simgad/7498642122148101717?w=100&h=100

Requested by

Host: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
URL: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43cebd3a608ebebdb9077fd9cb68e7d47941b5d10fcd7e41f7e05025db54a4b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:24:59 GMT
x-content-type-options: nosniff
age: 222222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1759
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 08:06:31 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Aug 2022 01:24:59 GMT

GET
H3-29 200 data=vJUtbCYIGciEPeZwa7mRZAc2GY12X4mCBizeorVSuoxMb6n640au4bTy8cAKaNX2NacgRUhej8qA2eircSU7fPUkqrLNzo_IJa7j684FthaSQp-ZIIvtt-Ddyw
mts0.google.com/vt/ Frame DA84 34 KB
34 KB 108ms
94ms Image
image/png 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=vJUtbCYIGciEPeZwa7mRZAc2GY12X4mCBizeorVSuoxMb6n640au4bTy8cAKaNX2NacgRUhej8qA2eircSU7fPUkqrLNzo_IJa7j684FthaSQp-ZIIvtt-Ddyw

Requested by

Host: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
URL: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

7ddeb781dd96c020a95231cecbdd2f075a32235aa14e26cce2ead5531efd80f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:42 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=88
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34734
x-xss-protection: 0
x-server-version-bin: CggIBBCCwZ6IBg==
server: paintfe
etag: 05fcca65fc403a4c5
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Tue, 03 Aug 2021 16:08:42 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DA84 0
0 29ms
29ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRdEa-VsJYcTLEtaRgAfEyI6wC4ib7qNi9ea1wtYM29keEAEgruHQMGD1lc6B4ASgAf7b9IoCyAEJqQIekFxGmJSyPuACAKgDAcgDmwSqBOMBT9AMr4T_DtoMCnxBa9kv8-oyjAhvVeW4IdQBdDuaK74vPMzszX59VBERxd0TvziOxSOuMTXXTHJe421xoBzA8P9s--BsYAm84wR5bFZ5TLZiyRaVeieq9LGXjm6_PLdqEYRaB79DPUgG3SIdLz1Jokn2NBFhXrltdkWkK8GcRXrUhRoF1xwSJnt-0Krvmwj5yYcX6ZT2jqkWP08FbDRbolKHfSEiUo1WUwtIIITkdXF3wWPm-dFxyJhUASCwrMNCUCBPXC2tX5jKyUWxwkVrIY5RiVrmFRvrl8oanZcQAjepBrbABNXThLagA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfqo4v1AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCmhQPSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi05MDI4NTM2ODAyNzY5MzIxgAoDyAsBuBP0C9gTDYgUB9AVAYAXAbIXGgoYCAASFHB1Yi0yODAxMzI2OTkwNTY4NTA4&sigh=Ki6JzGusnt4&template_id=1524
Requested by: Host: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
URL: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AB5D 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
URL: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 03 Aug 2021 03:09:05 GMT
expires: Wed, 04 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 43176
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DA84 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f966bf43f2e7cee47386687c82018c769becf7210ace5e67535739b62a968a1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6B43 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 992b2fdff553006dd4b943a17d8f6c85fe1bea57907ef57d466baec7c2a1a893

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 7498642122148101717
googleads.g.doubleclick.net/simgad/ Frame 175E 2 KB
2 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/simgad/7498642122148101717?w=100&h=100

Requested by

Host: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
URL: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43cebd3a608ebebdb9077fd9cb68e7d47941b5d10fcd7e41f7e05025db54a4b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:24:59 GMT
x-content-type-options: nosniff
age: 222223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1759
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 08:06:31 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Aug 2022 01:24:59 GMT

GET
H3-29 200 data=vJUtbCYIGciEPeZwa7mRZAc2GY12X4mCBizeorVSuoxMb6n640au4bTy8cAKaNX2NacgRUhej8qA2eircSU7fPUkqrLNzo_IJa7j684FthaSQp-ZIIvtt-Ddyw
mts0.google.com/vt/ Frame 175E 34 KB
34 KB 79ms
79ms Image
image/png 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=vJUtbCYIGciEPeZwa7mRZAc2GY12X4mCBizeorVSuoxMb6n640au4bTy8cAKaNX2NacgRUhej8qA2eircSU7fPUkqrLNzo_IJa7j684FthaSQp-ZIIvtt-Ddyw

Requested by

Host: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
URL: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

7ddeb781dd96c020a95231cecbdd2f075a32235aa14e26cce2ead5531efd80f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:42 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=73
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34734
x-xss-protection: 0
x-server-version-bin: CggIBBCCwZ6IBg==
server: paintfe
etag: 05fcca65fc403a4c5
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Tue, 03 Aug 2021 16:08:42 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 175E 0
0 30ms
30ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCXRb-VsJYaK6FaLSgAfXrou4CIib7qNi9ea1wtYM29keEAEgruHQMGD1lc6B4ASgAf7b9IoCyAEJqQIekFxGmJSyPuACAKgDAcgDmwSqBOMBT9BSiTFnt3NBCMcQS7cP0G7nktb3-hEHbzKZthbhBm_HAekF8UqHjJKQAU3DkOjChuvbjRcXrLUDMzhuvQJchY6reNgf4BqWrACuMCmSTvXdJ3AU7EEqCOx17W5nPEbPjL11PUBotNEenx6CP1tU-hhRLqcPTb64t89L8Pz3YULII8HL9dV_PQPzyMyxJI4PYmKayTHlx8_AYAY4C4YgoEpZBRJFhiUDHYVI33Bb3HtQ-3L0_T2tbzSxlXc16qUdpf31T4YULqK2gbuysCsjUl8xiwNF45D2W5P3TWmwmYDq6R7ABNXThLagA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfqo4v1AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDv0gPSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi05MDI4NTM2ODAyNzY5MzIxgAoDyAsBuBP0C9gTDYgUB9AVAYAXAbIXGgoYCAASFHB1Yi0yODAxMzI2OTkwNTY4NTA4&sigh=owkxHdsrsQw&template_id=1524
Requested by: Host: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
URL: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D848 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
URL: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 03 Aug 2021 03:09:05 GMT
expires: Wed, 04 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 43177
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 175E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae3d01ce60fae6ac2b80ea3c6aaed648df5d5eb3044661e1577966f9dea633b6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 6B43 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 11321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:00:01 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 6B43 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 74538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:24 GMT

GET
H3-29 200 container.html Show response
81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F790 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062124

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:08:41 GMT
expires: Wed, 03 Aug 2022 15:08:41 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 514E 73 KB
27 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062124

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:42 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903448373927"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:42 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 514E 11 KB
8 KB 20ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021080201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062124

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be85989c4f40b08a96cb0180f37bad09e0a9242cf8e385498c10bf66d3a51c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8531
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 514E 17 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js?31062124

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:42 GMT

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame 4491 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 09:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 09:00:12 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame DA84 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 11321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:00:01 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame DA84 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 74538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:24 GMT

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BFC 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 09:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 09:00:12 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6171 70 B
264 B 46ms
40ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDwz0F2BLoxIKt-6hjH90pU&google_cver=1&google_push=AYg5qPJUGr6OqqdTdQbSZc92l24ew9mvadGNy0b5j3Axv2-psZMw96IPuVCmwghnTSxn-tfzAAbugdadn7nsjNmd1uP1X6sXqtBn
Requested by: Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6171
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEGaC3vReBBkHROP5FNrLibk&google_cver=1&google_push=AYg5qPLwdEYjCtpNk3xVNpXlRbZqhu3xYodgKaLnO_y8RpR1f3E8Eld-YcJNJhN6dvVcfa13BdMIwyQ9FHh-x0G7CdfOGojgqpPc
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzIzQjBGOUIxMjlBQjA5OQ==

170 B
188 B

30ms
30ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzIzQjBGOUIxMjlBQjA5OQ==

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzIzQjBGOUIxMjlBQjA5OQ==
date: Tue, 03 Aug 2021 15:08:42 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET match
um.wbtrk.net/doubleclick/user/ Frame 6171 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6171
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEDVW2KkYh6gNy-iGtBJ2NAU&google_cver=1&google_push=AYg5qPKFAqfcCt9Bpd8eH-sQ08MR7gyURIq6Ka-b2d65U9P_hk8Aa5GuG6ygKEMbl5FrkU6DyTAsT4MJGB...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEDVW2KkYh6gNy-iGtBJ2NAU&google_cver=1&google_push=AYg5qPKFAqfcCt9Bpd8eH-sQ08MR7gyURIq6Ka-b2d65U9P_hk8Aa5GuG6ygKEMbl5FrkU6DyTAsT4MJGB...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPKFAqfcCt9Bpd8eH-sQ08MR7gyURIq6Ka-b2d65U9P_hk8Aa5GuG6ygKEMbl5FrkU6DyTAsT4MJGBr0a5U8q32tql59Zuwk&google_hm=MDMwMzAwMDNfNjEwOTV...

170 B
188 B

47ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPKFAqfcCt9Bpd8eH-sQ08MR7gyURIq6Ka-b2d65U9P_hk8Aa5GuG6ygKEMbl5FrkU6DyTAsT4MJGBr0a5U8q32tql59Zuwk&google_hm=MDMwMzAwMDNfNjEwOTViZmEzZTYyMA%3D%3D

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 03 Aug 2021 15:08:42 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPKFAqfcCt9Bpd8eH-sQ08MR7gyURIq6Ka-b2d65U9P_hk8Aa5GuG6ygKEMbl5FrkU6DyTAsT4MJGBr0a5U8q32tql59Zuwk&google_hm=MDMwMzAwMDNfNjEwOTViZmEzZTYyMA%3D%3D
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6171
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEJtt6_8YRsorL9IzrA_2CRs&google_cver=1&google_push=AYg5qPIkzA_eSuopm1hjaLZgbOs_0hTZMhnojNzLmhLm-ZCEzlrZ2FtfglMCfKERZO7Rz...
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIkzA_eSuopm1hjaLZgbOs_0hTZMhnojNzLmhLm-ZCEzlrZ2FtfglMCfKERZO7Rz5JyDxAYz4mpd86F2IJGY-qziExFZQg&google_hm=QWVyMTgxTkNEZ1p6UUZyQzlNS...

170 B
188 B

29ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIkzA_eSuopm1hjaLZgbOs_0hTZMhnojNzLmhLm-ZCEzlrZ2FtfglMCfKERZO7Rz5JyDxAYz4mpd86F2IJGY-qziExFZQg&google_hm=QWVyMTgxTkNEZ1p6UUZyQzlNSU5CRUE=

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIkzA_eSuopm1hjaLZgbOs_0hTZMhnojNzLmhLm-ZCEzlrZ2FtfglMCfKERZO7Rz5JyDxAYz4mpd86F2IJGY-qziExFZQg&google_hm=QWVyMTgxTkNEZ1p6UUZyQzlNSU5CRUE=
Date: Tue, 03 Aug 2021 15:08:42 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET

pixel
cm.g.doubleclick.net/ Frame 6171
Redirect Chain

https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESELPmMCkhVd225Y6IZDUUnNc&google_cver=1&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYD...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6171
Redirect Chain

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEPQHws8MWvy82Q_8v5m-2NI&google_cver=1&google_push=AYg5qPLYjInesLvvS-gP3lPmTcN03ULKPOppoPx5eRRy0maQOvHy92prVIiuzPl_R4Oypqs-_JBK_8HkkS6kqXTG6...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NzcxYmU3M2MtOTMwOS00MDA2LWE5OGYtY2MxY2Y1ZGVmZjc3&google_push=AYg5qPLYjInesLvvS-gP3lPmTcN03ULKPOppoPx5eRRy0maQOvHy92prVIiuzPl_...

170 B
188 B

31ms
30ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NzcxYmU3M2MtOTMwOS00MDA2LWE5OGYtY2MxY2Y1ZGVmZjc3&google_push=AYg5qPLYjInesLvvS-gP3lPmTcN03ULKPOppoPx5eRRy0maQOvHy92prVIiuzPl_R4Oypqs-_JBK_8HkkS6kqXTG62E5Bk-DbmyWIg

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NzcxYmU3M2MtOTMwOS00MDA2LWE5OGYtY2MxY2Y1ZGVmZjc3&google_push=AYg5qPLYjInesLvvS-gP3lPmTcN03ULKPOppoPx5eRRy0maQOvHy92prVIiuzPl_R4Oypqs-_JBK_8HkkS6kqXTG62E5Bk-DbmyWIg
date: Tue, 03 Aug 2021 15:08:42 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6171 0
253 B 87ms
26ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSVWhsjrod7yVQBes4yN-Sp9N0IQcetR36zKotPlRDxFazBZqUvX1RKrnE6SFeEVJclDySvw

Requested by

Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AB5D
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDkWjr0QVsaVlgOZD9WV3LU&google_cver=1&google_push=AYg5qPJH2FOrkHWOJCNOYJ3JwujtPO56Vh4TexHbHxKTS27yGX0lhUBDWN7mHzrc49ZGaRMMB1atDHYRr4JgwMZtowRzQ01qJOM
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM4MDU0MzUxNDY2NDkyNjAyNA==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEDkWjr0QVsaVlgOZD9WV3LU&google_cver=1

43 B
407 B

33ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEDkWjr0QVsaVlgOZD9WV3LU&google_cver=1
Requested by: Host: newsoku.blog
URL: https://newsoku.blog/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEDkWjr0QVsaVlgOZD9WV3LU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame AB5D 0
104 B 92ms
62ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGvNYzVIlupRDUsPNOM7VQw&google_cver=1&google_push=AYg5qPJ1p8Id5QVtrD9w6ArI7HTvJE79WCFBBprvTYwD2OkIQH4ZfWHhfJgM_R7RKYm791L3SMaRlPJ4z_qoWFfRNlnkxcUL1A
Requested by: Host: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
URL: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame AB5D
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEO1phy1CP7J0SbwFDF6-N1w&google_cver=1&google_push=AYg5qPLXfuqvd--h5u9naBTkZmLdJAUzkXuU0tsssMD7ah0F7eIMErgwNXLe-hSR2mk-sanZ4Js9e...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPLXfuqvd--h5u9naBTkZmLdJAUzkXuU0tsssMD7ah0F7eIMErgwNXLe-hSR2mk-sanZ4Js9e0brJm8_b8FXT61yyEdExQ

170 B
188 B

32ms
28ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPLXfuqvd--h5u9naBTkZmLdJAUzkXuU0tsssMD7ah0F7eIMErgwNXLe-hSR2mk-sanZ4Js9e0brJm8_b8FXT61yyEdExQ

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 03 Aug 2021 15:08:42 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPLXfuqvd--h5u9naBTkZmLdJAUzkXuU0tsssMD7ah0F7eIMErgwNXLe-hSR2mk-sanZ4Js9e0brJm8_b8FXT61yyEdExQ
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: aeqUZGXUlxbAMbJH4ioAAA==

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame AB5D
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDETQeM7fr2KMezEERmTkWE&google_cver=1&google_push=AYg5qPIg8eJ4BO-TTolYD1y0cUDKO6rHZVx4I4dtQRqIW3Sluvemz3krRiURxJl0LNYhpDcFfY4RL-TKYOu...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIg8eJ4BO-TTolYD1y0cUDKO6rHZVx4I4dtQRqIW3Sluvemz3krRiURxJl0LNYhpDcFfY4RL-TKYOu4gT5f3hgm6NIGnQ&google_hm=TKJi2xcvR_yi0pxgvhXbsOQ

170 B
188 B

30ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIg8eJ4BO-TTolYD1y0cUDKO6rHZVx4I4dtQRqIW3Sluvemz3krRiURxJl0LNYhpDcFfY4RL-TKYOu4gT5f3hgm6NIGnQ&google_hm=TKJi2xcvR_yi0pxgvhXbsOQ

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:41 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIg8eJ4BO-TTolYD1y0cUDKO6rHZVx4I4dtQRqIW3Sluvemz3krRiURxJl0LNYhpDcFfY4RL-TKYOu4gT5f3hgm6NIGnQ&google_hm=TKJi2xcvR_yi0pxgvhXbsOQ
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame AB5D
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEIPo3yXizME8xudPHaj92-I&google_cver=1&google_push=AYg5qPLDrrWYv1TmYLi745sARr2ZCSIKiTLKQfiXEfAM6no353m2Jy69sMdg0ssHdLnyiawFtr3dya_oCPI...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPLDrrWYv1TmYLi745sARr2ZCSIKiTLKQfiXEfAM6no353m2Jy69sMdg0ssHdLnyiawFtr3dya_oCPIH3tQWxPlqoNWe21o
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPLDrrWYv1TmYLi745sARr2ZCSIKiTLKQfiXEfAM6no353m2Jy69sMdg0ssHdLnyiawFtr3dya_oCPIH3tQWxPlqoNWe21o&google_tc=

170 B
188 B

32ms
27ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPLDrrWYv1TmYLi745sARr2ZCSIKiTLKQfiXEfAM6no353m2Jy69sMdg0ssHdLnyiawFtr3dya_oCPIH3tQWxPlqoNWe21o&google_tc=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPLDrrWYv1TmYLi745sARr2ZCSIKiTLKQfiXEfAM6no353m2Jy69sMdg0ssHdLnyiawFtr3dya_oCPIH3tQWxPlqoNWe21o&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame AB5D
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEI3s3WqNkphD9Vc8wDiipWw&google_cver=1&google_push=AYg5qPKh1DKDnUZTYuFDPw-ywKKbj5fQV5rjktZP0nz1NmQRC9HefqYo-e7RQmnNIT8n6-xSqvQs3fGzoFnqztej7Ix0cqmpnxI
https://rtb.openx.net/sync/dds?google_gid=CAESEI3s3WqNkphD9Vc8wDiipWw&google_cver=1&google_push=AYg5qPKh1DKDnUZTYuFDPw-ywKKbj5fQV5rjktZP0nz1NmQRC9HefqYo-e7RQmnNIT8n6-xSqvQs3fGzoFnqztej7Ix0cqmpnxI&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKh1DKDnUZTYuFDPw-ywKKbj5fQV5rjktZP0nz1NmQRC9HefqYo-e7RQmnNIT8n6-xSqvQs3fGzoFnqztej7Ix0cqmpnxI&google_hm=6v3pZf-KwXQLsGvfLcCimw==

170 B
188 B

47ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKh1DKDnUZTYuFDPw-ywKKbj5fQV5rjktZP0nz1NmQRC9HefqYo-e7RQmnNIT8n6-xSqvQs3fGzoFnqztej7Ix0cqmpnxI&google_hm=6v3pZf-KwXQLsGvfLcCimw==

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:41 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKh1DKDnUZTYuFDPw-ywKKbj5fQV5rjktZP0nz1NmQRC9HefqYo-e7RQmnNIT8n6-xSqvQs3fGzoFnqztej7Ix0cqmpnxI&google_hm=6v3pZf-KwXQLsGvfLcCimw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: obpm6srqsgvgnlok3l71h2if6bq4f13m

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame AB5D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.targeting.unrulymedia.com/csync/RX-e4744920-7288-4916-ab99-53044d047961-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPK6fbu1CsOOdO1XX2fOj...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK6fbu1CsOOdO1XX2fOjzoMXU6SVVLcNLIYrGqwojsVhmbdhsH_q773Ws3wPDE4CMy1s9h43u9x_WbcGQgiyTH06wDciDE&google_hm=A-R0SSByiEkWq5lTBE0EeWE

170 B
188 B

31ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK6fbu1CsOOdO1XX2fOjzoMXU6SVVLcNLIYrGqwojsVhmbdhsH_q773Ws3wPDE4CMy1s9h43u9x_WbcGQgiyTH06wDciDE&google_hm=A-R0SSByiEkWq5lTBE0EeWE

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK6fbu1CsOOdO1XX2fOjzoMXU6SVVLcNLIYrGqwojsVhmbdhsH_q773Ws3wPDE4CMy1s9h43u9x_WbcGQgiyTH06wDciDE&google_hm=A-R0SSByiEkWq5lTBE0EeWE
date: Tue, 03 Aug 2021 15:08:42 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXe474492072884916ab9953044d047961003
content-type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame AB5D 0
40 B 74ms
27ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13In2R25SbAynzeFk-kdKt_6w7luumayV_KDyMGTqd_uc-bU7-UaaYvTqfm39dwPSdwxr3D4

Requested by

Host: 04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
URL: https://04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 359d8744270302c99802f1759c580b27.js Show response
www.gstatic.com/mysidia/ Frame F790 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/359d8744270302c99802f1759c580b27.js?tag=client_fast_engine_2019

Requested by

Host: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
URL: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24b46213f316c4339410661249924ae9ec8dc9cccb2a2ff3cba18212e879fa3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 22:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3505
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 22:19:55 GMT

GET
H3-29 200 f9f3c0a5b49ed63630987033d1c75e14.js Show response
www.gstatic.com/mysidia/ Frame F790 89 KB
33 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9f3c0a5b49ed63630987033d1c75e14.js?tag=location/location_extension_rda

Requested by

Host: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
URL: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8f3e2854cce3c90cfd1c7113495237bec2faeab89f85330f94c505b02711f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 23:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33550
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 21:26:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Oct 2021 23:05:59 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame F790 4 KB
618 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
URL: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 13:09:09 GMT
server: ESF
date: Tue, 03 Aug 2021 15:08:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Aug 2021 15:08:42 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame F790 1 KB
867 B 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
URL: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:01:57 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame F790 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
URL: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame F790 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
URL: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:04:56 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F790 124 KB
37 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
URL: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:42 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:42 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame F790 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
URL: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:05:19 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F790 0
0 33ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBrK0A7e0tK_pLDTfBVVlyfc9gFdkkTNuGmAQP0wqlL4wXyQUggoB8pJ5jdPd1uBpDf0lRLMgXmZGJsvZw21Z4m4BJvw
Requested by: Host: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
URL: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 6B43 56 KB
21 KB 20ms
19ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
URL: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a058429f767d4eed8439da0f4b34868c79bab6909a2a3597916a90d7ed0664fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 14:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3008
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21516
x-xss-protection: 0
server: cafe
etag: 12513454152211517807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 15:18:34 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 175E 15 KB
15 KB 11ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 11321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:00:01 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 175E 15 KB
15 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 74538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:24 GMT

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame 1AEC 35 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 09:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 09:00:12 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame D848 0
136 B 62ms
27ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKJCuMkGfNtVzJoYdqfQ11w&google_cver=1&google_push=AYg5qPJNrY4IS-8OwrdZIBsrdESZ5DO3MRjP5G1XtfLFEyER9t0kVX8nrtmg_x909PYAnWvbLYUyUIK2rtuUQKKknNeHQq1X5qw
Requested by: Host: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
URL: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:42 GMT
via: 1.1 google
alt-svc: clear

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D848
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJk9u2j1bCcSRKWDOEeLOQE&google_cver=1&google_push=AYg5qPJr4LqcBYF8NpPWE9dRnO_MmCrHDrqvkwa_ZFbb3G3ybmnKr8hrOl8HZK2B3g9i8kZUNmr1QQXUhToO7z...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5MjIyMTAyNTc3NjY5NTQ0MA%3D%3D&google_push=AYg5qPJr4LqcBYF8NpPWE9dRnO_MmCrHDrqvkwa_ZFbb3G3ybmnKr8hrOl8HZK2B3g9i8kZUNmr1QQXUhToO7z42a3...

170 B
188 B

30ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5MjIyMTAyNTc3NjY5NTQ0MA%3D%3D&google_push=AYg5qPJr4LqcBYF8NpPWE9dRnO_MmCrHDrqvkwa_ZFbb3G3ybmnKr8hrOl8HZK2B3g9i8kZUNmr1QQXUhToO7z42a3oOQfi60j7-

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5MjIyMTAyNTc3NjY5NTQ0MA%3D%3D&google_push=AYg5qPJr4LqcBYF8NpPWE9dRnO_MmCrHDrqvkwa_ZFbb3G3ybmnKr8hrOl8HZK2B3g9i8kZUNmr1QQXUhToO7z42a3oOQfi60j7-
Date: Tue, 03 Aug 2021 15:08:42 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D848
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEEQP1Pl1Guz9IpNVAe10Jd4&google_cver=1&google_push=AYg5qPK0KcAH_kLi-_31Qx2djXEm9opDGsVK-gGo9IBiRUrScqwmvyQthhqSWkywrNozvRS87whK_aP6Lqw24xqdVaGq8EZGDVA
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=N0ZRNFBmWWRETmVxVGM0RC1sc0pZUQ%3D%3D&google_push=AYg5qPK0KcAH_kLi-_31Qx2djXEm9opDGsVK-gGo9IBiRUrScqwmvyQthhqSWkywrNozvRS87whK_aP6Lqw24...
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=N0ZRNFBmWWRETmVxVGM0RC1sc0pZUQ%3D%3D&google_push=AYg5qPK0KcAH_kLi-_31Qx2djXEm9opDGsVK-gGo9IBiRUrScqwmvyQthhqSWkywrNozvRS87whK_aP6Lqw24...

170 B
188 B

29ms
28ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=N0ZRNFBmWWRETmVxVGM0RC1sc0pZUQ%3D%3D&google_push=AYg5qPK0KcAH_kLi-_31Qx2djXEm9opDGsVK-gGo9IBiRUrScqwmvyQthhqSWkywrNozvRS87whK_aP6Lqw24xqdVaGq8EZGDVA&google_tc=

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=N0ZRNFBmWWRETmVxVGM0RC1sc0pZUQ%3D%3D&google_push=AYg5qPK0KcAH_kLi-_31Qx2djXEm9opDGsVK-gGo9IBiRUrScqwmvyQthhqSWkywrNozvRS87whK_aP6Lqw24xqdVaGq8EZGDVA&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 431
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D848
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEK1Ueh4WFOqVa-Dm7cjy1fM&google_cver=1&google_push=AYg5qPKucJsfWiRu-aZoX_N3N6BsNAyC3yvZsgD8ozVF7d_GV-90JIHjZNcQV3glwxqsLQYsQH4Rv4ed1NQXh8CD2Efs...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEK1Ueh4WFOqVa-Dm7cjy1fM&google_cver=1&google_push=AYg5qPKucJsfWiRu-aZoX_N3N6BsNAyC3yvZsgD8ozVF7d_GV-90JIHjZNcQV3glwxqsLQYsQH4Rv4ed1NQXh8...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=fb070cd9-49bc-4f74-ab51-b8ec3f7ac5d6&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKucJsfWiRu-aZoX_N3N6BsNAyC3yvZsgD8ozVF7d_GV-90JIHjZNcQV3glwxqsLQYsQH4Rv4ed1NQXh8CD2Efs78D6OlLI&google_hm=ZnbOZkCqTEix_Lb_X6xBow==

170 B
188 B

29ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKucJsfWiRu-aZoX_N3N6BsNAyC3yvZsgD8ozVF7d_GV-90JIHjZNcQV3glwxqsLQYsQH4Rv4ed1NQXh8CD2Efs78D6OlLI&google_hm=ZnbOZkCqTEix_Lb_X6xBow==

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKucJsfWiRu-aZoX_N3N6BsNAyC3yvZsgD8ozVF7d_GV-90JIHjZNcQV3glwxqsLQYsQH4Rv4ed1NQXh8CD2Efs78D6OlLI&google_hm=ZnbOZkCqTEix_Lb_X6xBow==
date: Tue, 03 Aug 2021 15:08:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D848
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEI3s3WqNkphD9Vc8wDiipWw&google_cver=1&google_push=AYg5qPKSjr9J1sqvbI29so1nODbgH3kWdmIya23AS4M9H6fhUO3xlDw61NbPiWx4buZwxAE-D4TCF7ehBGBDNV28E_0Yoctn7zQT
https://rtb.openx.net/sync/dds?google_gid=CAESEI3s3WqNkphD9Vc8wDiipWw&google_cver=1&google_push=AYg5qPKSjr9J1sqvbI29so1nODbgH3kWdmIya23AS4M9H6fhUO3xlDw61NbPiWx4buZwxAE-D4TCF7ehBGBDNV28E_0Yoctn7zQT&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKSjr9J1sqvbI29so1nODbgH3kWdmIya23AS4M9H6fhUO3xlDw61NbPiWx4buZwxAE-D4TCF7ehBGBDNV28E_0Yoctn7zQT&google_hm=6v3pZf-KwXQLsGvfLcCimw==

170 B
188 B

49ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKSjr9J1sqvbI29so1nODbgH3kWdmIya23AS4M9H6fhUO3xlDw61NbPiWx4buZwxAE-D4TCF7ehBGBDNV28E_0Yoctn7zQT&google_hm=6v3pZf-KwXQLsGvfLcCimw==

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:41 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKSjr9J1sqvbI29so1nODbgH3kWdmIya23AS4M9H6fhUO3xlDw61NbPiWx4buZwxAE-D4TCF7ehBGBDNV28E_0Yoctn7zQT&google_hm=6v3pZf-KwXQLsGvfLcCimw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 56vsk2bdhhorbe8fd4dfhfrac2tldgsd

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D848
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGp_F0jj8F58h-UVLnRBXG8&google_cver=1&google_push=AYg5qPJN9VCWOlff8KjvxrVFS0kv6oq4q3td-Y1DFLN4qbsc1m0hs8K7wG3Nlxpznm0KGYoRfrF28OAL5jnpRBr...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=FET8ZBpBSAt4Aj82xniedLnsyeQ&google_push=AYg5qPJN9VCWOlff8KjvxrVFS0kv6oq4q3td-Y1DFLN4qbsc1m0hs8K7wG3Nlxpznm0KGYoRfrF28OAL5jnpRB...

170 B
188 B

29ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=FET8ZBpBSAt4Aj82xniedLnsyeQ&google_push=AYg5qPJN9VCWOlff8KjvxrVFS0kv6oq4q3td-Y1DFLN4qbsc1m0hs8K7wG3Nlxpznm0KGYoRfrF28OAL5jnpRBrXohoiykNXLvTY

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=FET8ZBpBSAt4Aj82xniedLnsyeQ&google_push=AYg5qPJN9VCWOlff8KjvxrVFS0kv6oq4q3td-Y1DFLN4qbsc1m0hs8K7wG3Nlxpznm0KGYoRfrF28OAL5jnpRBrXohoiykNXLvTY
Date: Tue, 03 Aug 2021 15:08:42 GMT
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=utf-8

GET

pixel
cm.g.doubleclick.net/ Frame D848
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESEI-iE6scQx2bWknEn2I_6kw&google_cver=1&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA
https://ads.avads.net/sync/ggl?google_gid=CAESEI-iE6scQx2bWknEn2I_6kw&google_cver=1&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdg...
https://ads.avads.net/sync/ggl?google_gid=CAESEI-iE6scQx2bWknEn2I_6kw&google_cver=1&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbH...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D848 0
40 B 35ms
27ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J2T7yFBIcQqqrRUrqf5xYrEg-GGiNGZMZjKOYkTFoznJgi-zgd2RQmRlLHuv1abc-lw9NBOA

Requested by

Host: 352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
URL: https://352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame DDF4 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 03 Aug 2021 14:30:01 GMT
expires: Wed, 03 Aug 2022 14:30:01 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B9A0 783 B
531 B 17ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eca99dbbf29504adfe26e21761f1e5112df070d33a2014d9ecaa9fcfce2dd08b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1S2bsmJSfmlFuAzDCYVd0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

expires: Tue, 03 Aug 2021 15:08:42 GMT
date: Tue, 03 Aug 2021 15:08:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-1S2bsmJSfmlFuAzDCYVd0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 7498642122148101717
googleads.g.doubleclick.net/simgad/ Frame F790 2 KB
2 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/simgad/7498642122148101717?w=100&h=100

Requested by

Host: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
URL: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43cebd3a608ebebdb9077fd9cb68e7d47941b5d10fcd7e41f7e05025db54a4b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:24:59 GMT
x-content-type-options: nosniff
age: 222223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1759
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 08:06:31 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Aug 2022 01:24:59 GMT

GET
H3-29 200 data=kpx91QJw0wgnxGPP1lfDhtmqINGpKwTPChe2kkrCFEXe70-TU_86u8gNhJhR3PBjoMIqjob2JyQCqPxyXBq-VOAlkY8LYKrglgIJBYgwlfLlRbadArJO5bnGfQ
mts0.google.com/vt/ Frame F790 28 KB
28 KB 10ms
7ms Image
image/png 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=kpx91QJw0wgnxGPP1lfDhtmqINGpKwTPChe2kkrCFEXe70-TU_86u8gNhJhR3PBjoMIqjob2JyQCqPxyXBq-VOAlkY8LYKrglgIJBYgwlfLlRbadArJO5bnGfQ

Requested by

Host: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
URL: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

2423c9273ade507c8558a65499ee15ba19237cc11833e53a356fcd28179f0848

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:00:40 GMT
x-content-type-options: nosniff
age: 482
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29142
x-xss-protection: 0
x-server-version-bin: CggIBBCCwZ6IBg==
server: paintfe
etag: 0ba2018d6ffadd408
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Tue, 03 Aug 2021 16:00:40 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame 6B43 0
17 B 77ms
38ms Ping
image/gif 2a00:1450:4010:c0a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~krw7572c&chm=1&c=3243664874205352&ctx=2&qqid=CJOjn_2QlfICFZWM3godc2AJzQ&met.4=fb.5s~lb.be~cmrload.fy~ol.g1~idt.0~dt.-bj&met.3=749.fy_3~735.ht_2~113.l8_3~112.l7_4&met.1=1.krw756h5~6.2~7.3~8.3~9.3~10.g~11.3~12.g~13.m~14.n~15.1t~16.be~17.be~18.bf~19.fy~20.fy~21.g1&met.7=CBsQCBgBKAIwFzjBBFADWBBgA2gQcBd4vRiAAaQYiAHOL7ABAbgBAw~CBsQBxgBIM8BKM8BMOABOBI~CBsQBxgBIM8BKM8BMOsBOBw~CBIQBxgBINEBKNEBMOsBOBpQ0gFY4AFg0gFo0wFw6gF46gSAAc8EiAGgH6oBEAoOUm9ib3RvOjQwMCw3MDCwAQG4AQM~CBwQChgBINEBKNEBMJgCOEdokQJwlwJ44waAAb4GiAH_CrABAbgBAw~CAkQChgBINEBKNEBMNoBOAlo0wFw2QF43zuAAbo7iAH-kQGwAQG4AQM~CB4QChgBINEBKNEBMJoCOElokQJwmQJ44AqAAbsKiAHhE7ABAbgBAw~CCoQChgBINEBKNEBMOoBOBk~CBwQChgBINEBKNEBMNoBOAlo0wFw2gF45TCAAbwwiAGKcLABAbgBAw~CBsQBhgBINIBKNIBMKgCOFc~CCgQAhgBIKkCKKkCMLACOAhoqQJwsAJ4-A2AAd8NiAHfDbABAbgBAw~CBsQAhgBIKkCKKkCMMoCOCI~CCEQBBgBIMwCKMwCMOsCOB8~CBwQBRgBIM4CKM4CMNYCOAho0AJw1gJ47QWAAdQFiAGWCbABAbgBAw~CBMQAhgBIOADKOADMOcDOAho4ANw5gN47XuAAdR7iAHUe6oBDAoGcm9ib3RvEBsYArABAbgBAw~CBMQAhgBIOEDKOEDMOgDOAho4QNw6AN44XqAAch6iAHIeqoBDAoGcm9ib3RvEBsYArABAbgBAw~CCgQChgBIN0EKN0EMPIEOBVo3gRw8QR4qKgBgAGMqAGIAd--A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4010:c0a::5e Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F790 0
0 30ms
29ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cihdy-VsJYZSDLpWWgAfXo46oBIib7qNi9ea1wtYM29keEAEgruHQMGD1lc6B4ASgAf7b9IoCyAEJqQK6p4JiLoyyPuACAKgDAcgDmwSqBOYBT9CUxQ1rmpiIz1CohPr6uW6UbHsi-lsW5mImLQyh58JtBkx9G0_3_SLKbqi11usMksIs_D3ikbZ6N6TVVJJDjn-AWLv3WON_s71GKKgFgAOSFPezFmEuQ_GOTfbmi6LAzdGaj6vb23hy20Z5OCgXxPkoDYfVhh_9T3OlJGRoy7p9otLMbVYpPdqLTC524QAeOvSecpSKp0ADR2GtV_1Rorg0c2xjkqzSpJrq6Q_fKgGah6pKCqUPM4snxUx4MXCSmsNF7E6I1dwiSt7XckJgNrOjKLiSCFU4L2Ja37NAgnZou-YNxVvABNXThLagA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfqo4v1AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxCoetIIBwiAYRABGB3yCBthZHgtc3Vic3luLTkwMjg1MzY4MDI3NjkzMjGACgPICwG4E_QL2BMNiBQH0BUBgBcBshcaChgIABIUcHViLTI4MDEzMjY5OTA1Njg1MDg&sigh=UryT7k_y2_I&template_id=1524
Requested by: Host: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
URL: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 53F1 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
URL: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 03 Aug 2021 03:09:05 GMT
expires: Wed, 04 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 43177
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F790 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d06564850f6dde47de820b8e316c460eb034243c23547eae16c76e4eaa89d951

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 brain.js Show response
cdn-fluct.sh.adingo.jp/nativead/ Frame FFDA 17 KB
17 KB 299ms
298ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/nativead/brain.js
Requested by: Host: sh.adingo.jp
URL: https://sh.adingo.jp/?G=1000090646&href=https%3A%2F%2Fnewsoku.blog%2F&serial=71980982682727&guid=ON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 50e9eac0952feb208cb45b749e0e758faed9e41e814c2e1193ba44c1acd64356

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:42 GMT
via: 1.1 google
last-modified: Thu, 15 Nov 2018 08:27:45 GMT
server: nginx
x-goog-meta-goog-reserved-file-mtime: 1541652271
etag: "15e6b5035860af06495b3f5ec4b900db"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 17182
expires: Tue, 03 Aug 2021 16:08:42 GMT

GET
H2 200 /
i.adingo.jp/ Frame 7326 43 B
308 B 752ms
248ms Image
image/gif 210.140.201.9
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.adingo.jp/?p=lOQUgr6cK6HjArhf1YpBsb5vP8oBQBB9QZTxkAlFtdqcAVIac5fyZjGz-x2UKLDu-roBXFevoKL4Idkb3UIBd3AnZ_4B86LNEeNe29YeadXgMsO353d01dDn5CKNjJP1uA8h0AywDxg7p6RcpgNm1pF_PGYEzl5j_NgmQZbP5ATLLEsfQpazy5U02wHHNnqDIPPOAsjmtx2CI4ljqLpM67rPT4WdJt_DPveopZJ_gUbmQ116kxXalmYWj7zYwGPu0Hj1FwzEy-_7D7fureVx5qIiOo4nUnJ_2fFrnxtvU-Ag6aR-UwA.&v=4WBZ8mav1pXKEQ4a&k=3&R=

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.140.201.9 Adachi, Japan, ASN4694 (IDCF IDC Frontier Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:43 GMT
server: nginx
strict-transport-security: max-age=63072000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F790 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 11321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:00:01 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F790 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 74538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:24 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 53F1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGpiJdtKzjTghLMDDWm7Yl0&google_cver=1&google_push=AYg5qPKZq1So85YvxwoNXvoihFFeZyZ-OGY7gQFKMxj91yG2GBIBmCqMqPO1W1-oStbq2YnjO2vA4_nvzb_GSQ82...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKZq1So85YvxwoNXvoihFFeZyZ-OGY7gQFKMxj91yG2GBIBmCqMqPO1W1-oStbq2YnjO2vA4_nvzb_GSQ82udbtlT_QKrdh

170 B
188 B

30ms
30ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKZq1So85YvxwoNXvoihFFeZyZ-OGY7gQFKMxj91yG2GBIBmCqMqPO1W1-oStbq2YnjO2vA4_nvzb_GSQ82udbtlT_QKrdh

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 03 Aug 2021 15:11:12 GMT
Server: MT3 3820 7698daf master cdg-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKZq1So85YvxwoNXvoihFFeZyZ-OGY7gQFKMxj91yG2GBIBmCqMqPO1W1-oStbq2YnjO2vA4_nvzb_GSQ82udbtlT_QKrdh
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 03 Aug 2021 15:11:11 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 53F1
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDETQeM7fr2KMezEERmTkWE&google_cver=1&google_push=AYg5qPK7LfFK0Codshoaiwdag65u1NIywPTAajUYgO2zr034SpfUhTlCvrq2EBEF8IffAnPW41hjYT0gZ-Q...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK7LfFK0Codshoaiwdag65u1NIywPTAajUYgO2zr034SpfUhTlCvrq2EBEF8IffAnPW41hjYT0gZ-QZg-yg7nw-Eq2dN4SVzQ&google_hm=TKJi2xcvR_yi0pxgvh...

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK7LfFK0Codshoaiwdag65u1NIywPTAajUYgO2zr034SpfUhTlCvrq2EBEF8IffAnPW41hjYT0gZ-QZg-yg7nw-Eq2dN4SVzQ&google_hm=TKJi2xcvR_yi0pxgvhXbsOQ

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK7LfFK0Codshoaiwdag65u1NIywPTAajUYgO2zr034SpfUhTlCvrq2EBEF8IffAnPW41hjYT0gZ-QZg-yg7nw-Eq2dN4SVzQ&google_hm=TKJi2xcvR_yi0pxgvhXbsOQ
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 53F1
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEDVW2KkYh6gNy-iGtBJ2NAU&google_cver=1&google_push=AYg5qPLQDAK_b-RjLHDmUVkBoGDl61poRKFlsDtkcwc2RgOCV7RZg7v4LbqA9eLKkIO2KEz2LHekebwlAE...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEDVW2KkYh6gNy-iGtBJ2NAU&google_cver=1&google_push=AYg5qPLQDAK_b-RjLHDmUVkBoGDl61poRKFlsDtkcwc2RgOCV7RZg7v4LbqA9eLKkIO2KEz2LHekebwlAE...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLQDAK_b-RjLHDmUVkBoGDl61poRKFlsDtkcwc2RgOCV7RZg7v4LbqA9eLKkIO2KEz2LHekebwlAEw-VX2ZeIuf8Nsg6---HQ&google_hm=MDMwMzAwMDNfNjEwO...

170 B
188 B

29ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLQDAK_b-RjLHDmUVkBoGDl61poRKFlsDtkcwc2RgOCV7RZg7v4LbqA9eLKkIO2KEz2LHekebwlAEw-VX2ZeIuf8Nsg6---HQ&google_hm=MDMwMzAwMDNfNjEwOTViZmEzZTYyMA%3D%3D

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 03 Aug 2021 15:08:42 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLQDAK_b-RjLHDmUVkBoGDl61poRKFlsDtkcwc2RgOCV7RZg7v4LbqA9eLKkIO2KEz2LHekebwlAEw-VX2ZeIuf8Nsg6---HQ&google_hm=MDMwMzAwMDNfNjEwOTViZmEzZTYyMA%3D%3D
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 53F1
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEO6oeUkEkU5QYVWAdk0vUKE&google_cver=1&google_push=AYg5qPKeD783LI9yQqNUjeypi546h-ohZJLRlX0BNN4QgcGFIbt1eLKa5ZBwZOXPWYqx83JLnWQvPZslUUTSblJMr2XRV7dfWsFlXw
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPKeD783LI9yQqNUjeypi546h-ohZJLRlX0BNN4QgcGFIbt1eLKa5ZBwZOXPWYqx83JLnWQvPZslUUTSblJMr2XRV7dfWsFlXw&google_hm=Z2IwMDJkYTA0YTFkNz...
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPKeD783LI9yQqNUjeypi546h-ohZJLRlX0BNN4QgcGFIbt1eLKa5ZBwZOXPWYqx83JLnWQvPZslUUTSblJMr2XRV7dfWsFlXw&google_hm=Z2IwMDJkYTA0YTFkNz...

170 B
188 B

28ms
28ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPKeD783LI9yQqNUjeypi546h-ohZJLRlX0BNN4QgcGFIbt1eLKa5ZBwZOXPWYqx83JLnWQvPZslUUTSblJMr2XRV7dfWsFlXw&google_hm=Z2IwMDJkYTA0YTFkNzNkMDljNjY=&google_tc=

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPKeD783LI9yQqNUjeypi546h-ohZJLRlX0BNN4QgcGFIbt1eLKa5ZBwZOXPWYqx83JLnWQvPZslUUTSblJMr2XRV7dfWsFlXw&google_hm=Z2IwMDJkYTA0YTFkNzNkMDljNjY=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 427
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 53F1
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESENAmIAzA5NQrHf3iHYKkxHA&google_cver=1&google_push=AYg5qPIw1mDuWCAFwYx3IhuKigoW8bn4GayAFEw5VEQcY9p2jxxU8OmMQeuuuz8IFHEM8UVMSUjQr0BzN4WfPpxst2Oa2p...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENAmIAzA5NQrHf3iHYKkxHA&google_cver=1&google_push=AYg5qPIw1mDuWCAFwYx3IhuKigoW8bn4GayAFEw5VEQcY9p2jxxU8OmMQeuuuz8IFHEM8UVMSUjQr0BzN4WfPpxs...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=LhTk0EaGTmCbJCO5yS7bXg&google_push=AYg5qPIw1mDuWCAFwYx3IhuKigoW8bn4GayAFEw5VEQcY9p2jxxU8OmMQeuuuz8IFHEM8UVMSUjQr0BzN4WfPpx...

170 B
188 B

34ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=LhTk0EaGTmCbJCO5yS7bXg&google_push=AYg5qPIw1mDuWCAFwYx3IhuKigoW8bn4GayAFEw5VEQcY9p2jxxU8OmMQeuuuz8IFHEM8UVMSUjQr0BzN4WfPpxst2Oa2pl-WTW2

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=LhTk0EaGTmCbJCO5yS7bXg&google_push=AYg5qPIw1mDuWCAFwYx3IhuKigoW8bn4GayAFEw5VEQcY9p2jxxU8OmMQeuuuz8IFHEM8UVMSUjQr0BzN4WfPpxst2Oa2pl-WTW2
date: Tue, 03 Aug 2021 15:08:42 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 53F1
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDptXZxin7-t85WCeqEcTNw&google_cver=1&google_push=AYg5qPK6mWFSSdOzvylNsIjznTJu0I74y0bo6H56QwgCgm-eikkTY8qTxAfccva_IXLvl8yQpmbjSi...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPK6mWFSSdOzvylNsIjznTJu0I74y0bo6H56QwgCgm-eikkTY8qTxAfccva_IXLvl8yQpmbjSi5c9Xy7RkAuxfF-mct62JrI&google_hm=NzYxNDkyMj...

170 B
188 B

34ms
28ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPK6mWFSSdOzvylNsIjznTJu0I74y0bo6H56QwgCgm-eikkTY8qTxAfccva_IXLvl8yQpmbjSi5c9Xy7RkAuxfF-mct62JrI&google_hm=NzYxNDkyMjE2MDY5OTczOTI4NQ%3D%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPK6mWFSSdOzvylNsIjznTJu0I74y0bo6H56QwgCgm-eikkTY8qTxAfccva_IXLvl8yQpmbjSi5c9Xy7RkAuxfF-mct62JrI&google_hm=NzYxNDkyMjE2MDY5OTczOTI4NQ%3D%3D
date: Tue, 03 Aug 2021 15:08:43 GMT
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 53F1
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESECxk4t0McdC97EA8Oi6ZTNs&google_cver=1&google_push=AYg5qPJ8jEn7cWnMHCjhqtJeTKQ2nACRarYo8p-ZTXX2DAL1_cmWH57M0PAlm6gUkvUEMh2aJCC4TF8_ym_PeS68x...
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Db58f3a2f-7158-4c53-b20e-359931165edd%26google_push%3DAYg5qPJ8jEn7cWnMHCjhqtJeTKQ2n...
https://tech.rtb.mts.ru/?dsp_uid=b58f3a2f-7158-4c53-b20e-359931165edd&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Db58f3a2f-7158-4c53-b20e-359931165edd%2...
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=b58f3a2f-7158-4c53-b20e-359931165edd&google_push=AYg5qPJ8jEn7cWnMHCjhqtJeTKQ2nACRarYo8p-ZTXX2DAL1_cmWH57M0PAlm6gUkvUEMh2aJCC4TF8_ym_PeS...

170 B
188 B

31ms
30ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=b58f3a2f-7158-4c53-b20e-359931165edd&google_push=AYg5qPJ8jEn7cWnMHCjhqtJeTKQ2nACRarYo8p-ZTXX2DAL1_cmWH57M0PAlm6gUkvUEMh2aJCC4TF8_ym_PeS68xwMzjUw2ZsCzvW8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 03 Aug 2021 15:08:44 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=b58f3a2f-7158-4c53-b20e-359931165edd&google_push=AYg5qPJ8jEn7cWnMHCjhqtJeTKQ2nACRarYo8p-ZTXX2DAL1_cmWH57M0PAlm6gUkvUEMh2aJCC4TF8_ym_PeS68xwMzjUw2ZsCzvW8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 53F1 0
12 B 29ms
27ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LStwB00qVqemfa5HnToERPIx-lH3xIMmmCxh12tJDCgZR-yFEmQ_mOIUbstNPuqtAuSNCniw

Requested by

Host: 81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
URL: https://81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame DDF4 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 09:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 09:00:12 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5697 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072901&jk=3243664874205352&bg=!UFOlUxfNAAals0SOpbM7ACkAdvg8WuJ8nI_eKeAQFSl-TOP6ugpN9I2RywKNWZT2NqhSqiptDSCHHAIAAAIdUgAAAE9oAQeZAoYapH7luMNZiQZq27ee8uWjIM8LrtXNYPXnwnU1DzWFXsC7s7reuE4G6gxleAe7AOeak5LuwGIqcdy04VmuGntI5IAKDXkNAqsXNqr4bB9LSY_mrc5A445gseBFQ0KG2POGILIzk0OWcHi6xjcs9vmpsPL6pwkK5dLipwV6buT6p7WSyNuG3qXIk8D2amw3cmtCGDt9uu8tUdKcy4XTmSUYikNe0n6yWZNcnR1CPVieJCIAfgn_M2qR_XOlvyuvMk8eLBMZmPWFak3WSt9WevGXX-tz8hXDx7vRDtSBTDEBRqntOAoN_LuXEWSTba0kcBeIUCyuAcr2FD1-yDsyWfU4XPVmivImKhbVj3dLh-4JiPQYqY0s-8oS79IeJkbzEUjKsabqHSYbh6gIot4SrYPcEra6rZ8aN3w2XYlLYFYbCpp_67XA2bREx_5C5gRtYQJErEyGNYdKzY1xCgjWnuWY0F55wUiz2LgK3E1A4oggLsB9LlL8O9nQ46Z6BxCqWM2gIe0KzzNNHHnjmMLAvgwoUvqKP_Y21lnNgTINNopsq13P_cAUK8-_HlQ5tC4fMQh-jfxpTGQzcpEsjjBgAeUSqBQ3TYmYvOh9SwqKCn_s2ORWJJ-i8jTfD3DkhKqV86bivaz9fPErL3uOa6h9jjIY-sZvoTcoLMdaYdzCGeNNqHVIaNJRxskqZHbwSPs7gxxZDUm8TDRK6SqkYqJqC-apAM1cfxLxOsxj7CNc1sVFutsCA4IPwSIGKbp3KiOh_IP0w9Y8XnO9ZccUx7uTjT6xrXmY0c4ou51toyBXZlV5__wSOoBdlZH0D_jw6C9mJZ_2f2tUrFERjXn8kQUKB8e_P-1YpHVW

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F34D 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072901&jk=1366492352355720&bg=!NzSlNHDNAAals0SOpbM7ACkAdvg8WllzR0sPss5NJLoM0tAJT8eOXHr_w10VaQHZet5dgzbIBiS5oQIAAAIMUgAAABVoAQcKAOusy3Be2PpD5VXTekcHQ45jL_MIamftU3nKIZSWdfNMT-O8VWTEc9CIPhovPvSloh0al-6BmORbXa_iaPnSeiznP4_R_vLfe_Z1iNY3FUImrURNcdtnJvFmyul7cHy9IFAVIPUrjs8SoiiAaHrs-akWGpkTQHfYLMAnep-TPBpzhOplSKla_h65Ha1VSZ7MzXrqsyMxRkgCLxVPSC2PQK8YycQwj0Zqgxx0hdpcgx3hgu51Qd2Juv4KBMHIGTUVuE2wyX1OWwQc_byP1CBmgOseoqvy1L8MjQfXrlug4qk37PTQ4ilxgwzeN2pMmQJ-odX4R033jBR3Wgfr3vIg0CsgZguHQg63MjSfP3BsmHP-PEGUinePhnSznkNI_fRgkyeOneuidMEzJzw2sLhgSv1GB2HVTxLSqjtfRlRvHxC9Y8V0f7H2GkFagAsikJltm1yCs8ryM4whtFvfJ6cTQJcEEYq-BiHA_kRHUFMoAW6OknSFWFW1pzxnYfNpOMVXQ0LQd_dDV-FFacUp-jLnMjy6FTYz8XA9dOncQ8QUF9w1_qR2E_ozhkTVSBiRaUWXi28Q3-siz6XldNr1Fd5qNdx7WWSKknGtCzSgDIlmytMX55DwLS_EEJlavImz0j112hXNKClE3AgmxfpZYH9apkCzA7Q1ZePuITaWuZbKVRS-1_-g_A4YD5E0o9UyE2-IVvpsQ7Tt7BBulxpvsb32AvNVxMd5K4c7JiYTFwGEekPmzdBOi9bDrBuJ3pfZU9-ZizfNLCBQUrxQMsbrDtzdY_GaNOIArp7ElBveWiIzmsDUQIvuTEYN-Ay0g3SAkGS5FfqcQCWPVK23EMZT-KmRB_CikR3wF_KXvQ7fX99HH8E4X3a2hV6_84kdGF-tZ1YMIVtCHePIAAN-PbJrP4udE05Q0oyYOUKn1T3U74_6bUiZqR7_JYP0Vzmdbd4za6gD4PRHTxJFU5ucxicYzYzWpdz_PO0bfoDxaTp3JG0r2xF9GQe234TNt7VrVyX25s9wTpZk2WqQLEcwJtWP4_uYLmp9Zq-19gu1x3PsybM-_aAPNPyxFxlznkpw2IGc9OuC7WpBnR48JmX_84CDglMmj9NU1tLOMV4XsMVEkZEgub-yuSPlVvZcY0ApITTseUmDfJl856jJRuCln_K2ZuM

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 697C 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072901&jk=3215286206287082&bg=!ZGelZyPNAAals0SOpbM7ACkAdvg8WgyIaVoZYmh4v_vYUfmOdOnjpxpFLdKiZf9zOZnp6uRXbGT1lQIAAAJwUgAAACRoAQcKAQIjD05lds8Rr7MRUjR3q1VOLGSaR_PCxJuriAjBFpx3Y7y22y6PwWupWyTfHn-HLKfIQLnniU5FwimG_T9OqfyIqrUkiH9Wa9by6PrZSawu026QI-UbRIMfzfzemNzJzK4vz4MA4BsdJZUc7S4rObtjQEetKmrV23D0TkvmcSNS1oFA_ZWJKIVg0NJtohNWv1hwbeFiExZgEYx3uoT2zTKnYh95wOeB7HpnHGdAciSEa-eCxV8DsUVPDqrEkL27rZukKE1ZsXQ7TaWiOZpcidzp0lwy0xYoqrSSby0TLEK8-tv-NssaS6iiZqLbjWcomAbd8-vu643S1gpTFBLAe5TNwJOZAo4DzMIVGBy9fK3xCpHgD7L95Aw3ENEJbkmUkU74kfCO0MIijZSBWp2IEFuscfwtezdJp_E0C9taoVRhvZXthYEzDz2upZZI79isc7G1tNt983xaRzoWMihTTVXLKgAfppGpJi-Z0rHKc9Cb6y4yQDvrQEdK-uuaJTRFKw5M0-FiluHM0AR9gnnCLCNGhZbHV1yCcBEw10kZZClrI8VLpG3f2LDGxkYwniemzP7VjRXIJbQP-wuDE5QKQrGkjgRpGiLcyWwlCElf158xZPdSVUcYQepcBhpzMZP_of7lQaefOpimFwbe44sGt13gU6W2qVNb6PWnx55WtWHZw3xFHd1ScPuJN0csauSJYiyou7MiI3bPywkb-rH3k1FQULx-ic-CNUuldnYMBeKKrZVdjMw_AanFYNH6DHXWQbvgi4Uckl30iIgbmoQ6XUh2H4Xar6wSNuWmO75CfnBJwze_zTq6QdnQ1NXfMBAfVKPR5IZNfS-go6Ou9VL7JKhL7sgoEaccvCvWAbWDC32dFYYeKkQK3FXqHZRHAYPbut3r-gv29nLywXyP8xR0lL4VpsyfTwt1kW47M129QbMCxxDCdIl7IOe_37J-FEm8WbKoweM58dTpvRiC7p7uID39TMDqc54W0y01SA9RDGsvDwBN_UnW8XvHkHyffh_dGZDJgGTMCif9qYvKoV7710E7xS8KPs6Qu8WWnNVQ-1PJJTuIxOLnWsUaq_xhegbKU1N6-r8dZWgQ9SiVe1AspjCoPiW5Vn--P8urN-4ZWY0L-hwx2ffjHenWCKOciuvfqijQC47O4wwweGvIGpUWo6sIWln3Y-QrokAUvRX3Nv9iTgCA4dmVH1YiYr6P9tPuylZqdcY

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v2 Show response
sh.zucks.net/opt/native/api/ Frame FFDA 545 B
1 KB 1012ms
249ms XHR
application/json 54.249.21.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.zucks.net/opt/native/api/v2?frameid=357343

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/nativead/brain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.249.21.2 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d3289ff1eeb29416aaf4ad9760dd59d8a04108138d39298e00c112fd097c00c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 03 Aug 2021 15:08:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Aug 2021 15:08:43 GMT
transfer-encoding: chunked
P3P: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Access-Control-Allow-Origin: https://newsoku.blog
Cache-Control: no-cache, must-revalidate, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 514E 0
20 B 44ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021080201&jk=2415913545197954&bg=!6-il6KzNAAals0SOpbM7ACkAdvg8Ws0zBOuouA55uERKjJNlUqifBBxhO6X2za_Ggw67BhIflKVb3gIAAAD2UgAAAAxoAQcKADQS9WI68BT8L4sWr9PRQ9XrfZADyO6FXeDhIqRUOfXiAtkeoxlJ3-MmSlfcgVymjRCgeDlemQKLjefCZPVaAlVdx6FnZLfYwN_pTDKykMTKhdAud8FYVXX_PX2fe2i3Iq3cGc1SZmbC2XiTZPcwdMxqeu0us698E6nYdGtASD8eEIghSLpD6lwbNC0VgaKU89526HwcTp2Riz-KirfBLP7lN46HUha7tUVTeAcXCWmgCf6ypw1cjdCbCDdCPVcpeZzYxh6CW0PwKlmP-mmErmnYFviD3-35tI9_lCDW0hWp9ApgJQhjGpZ9MII51B_WQLx_WocSpS3liMYqFVxuIXO4Ti8GPtgTcElNpL6uovzclPMX5oVYXQm2WToRpvmD-FFUU3wXMeo0epVVOMqPEV5roAoQ6N9hSfcXOwVFnfEBcFMjvz_aR-VFkjw20EyVEbrdr5vF5z_j4mnFfVSGlPsaeaRp6Qd-3-j8dp5n_lmU_BYipSBqZkVK6s3jIYWyrhS4Hie2O_r3iGKxIAmycIPHJwC_pE7IfLlKz4U0dKM1HwIT1SxDSj5HdFj1EugQYqnCWNsg54KGZudqfm83I0huF_V_Tgzqj7KdplVyQLJMURGznoeGHRN-VtKPIzN4NO32CbRTzzlci3GETo7DXc9FrtSePfUiComUVVdJi76DTthslbg3XkohCvbPWfLVCl0LuvfuMrBw-mXC2CZ522ayopvjjEne1NfVI4Sfb9dURwT1uBA78TJ7-OUgpaCAQP4rhR7wxsWK4vpm-LF3PHMYgAFd9nRzchMxzTTX1pODIU7VCHagOMzkRb98OykRMi4altwNeQkwsQZBSzA27FTzqSMy5YfM8BQYNtBRoCtidltzKBiAoGDiyB6NeNntEyH3ACogDwK6c_5_AhbhQr_yXQ5IDBl61uwnUuMreSmlUyHD

Requested by

Host: newsoku.blog
URL: https://newsoku.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210729&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0abb891628b5888eb336858e3cd3ec1b52a22f20b7ed999acd546e798026d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8612
x-xss-protection: 0

POST
H2 200 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
77 B 22ms
21ms XHR
text/plain 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Tue, 03 Aug 2021 15:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://newsoku.blog
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6790768398474e8b-FRA
vary: Origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:08:43 GMT

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 83ms
12ms Preflight
text/plain 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Server

2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://newsoku.blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 03 Aug 2021 15:08:43 GMT
content-type: text/plain
access-control-allow-origin: https://newsoku.blog
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 6790768388164e8b-FRA
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0CE3 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 03 Aug 2021 14:30:01 GMT
expires: Wed, 03 Aug 2022 14:30:01 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E8F0 783 B
759 B 16ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ea6403bd57b1dbaaba6f09e9e866a11024b05d8ba68c5bc2f43d0d547f8277f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Tdi5tbVP/a/N/2AXDBaQNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsoku.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsoku.blog/

Response headers

expires: Tue, 03 Aug 2021 15:08:43 GMT
date: Tue, 03 Aug 2021 15:08:43 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Tdi5tbVP/a/N/2AXDBaQNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame 0CE3 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 09:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 09:00:12 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210729&jk=1267796506519893&bg=!ERKlElbNAAals0SOpbM7ACkAdvg8Wjb0Co3IvQl9fk6ho23Y9hZI0gS2vHFP-GgGekjmwS6vvO6f6wIAAACGUgAAAA1oAQeZAnH1C1L1YRRqOjMXxTGAld0LiXoeSibXpMF5v_IZ44hm0CebX9BmywEj8O4orUwBM-FrEPeVklhgPig9sPexYBDXdm1MDvAslFOO6DDg6g400NiTOUhdFBN3ujMzWa-4SZ4CxutGKptrr-qDNMyRIDU0cviVKbHdZoEBGs8BRJtiMEDSTyVCtFN29r1VAX3q1dCr-Dm2Kkq5nPVGmauWaDIVwSEyMRAnvXkuBkq23ISm52SC0uTNupeVZhkE4EDWRypZkAOOd_bfLFfjtN80I_PxhWIdq_9VxiP2gm2vbX8Wn_zHPvsm-oLleO4UxOz71EVEzy1E7Eyg4_90XUxMi8D92L42pBvqxbDRMuoARiVu52vfuGegbBQPBUKxFnChLvDlhRjGkh_rDDTWQbKUOjHGFar31J4g0sE57pSUldw2K2OKqMa1AUx8X6fV7mmRSnvIpnexv3Tmg8UGY25o27lX3K5hYi-2qIoQbMpJH0abVmWpXJHKjQIUcokrS7RhXvrur0ZQ5ad3h8j1bjKWjZaI9hedb1hFrZq7sqCzGnUq7BPFy0pu6JjRYZd34b0Wv49E14Y9OHn8oRmKR4PkDmquoKXIOlf1UpqK4FilW_SKJTefnYWS-cPjh-uJx7JoxBRWy37gPLckZpeL_eGUrzEEtLiz2KucLRyMbVFYJ-jpKD9ku0ozcmFlchAiIZ9cLgYjBkguHTVCD7pbHK8XQGw2grsdvR38RrHWBLl7yrhqlsgdfZkSZ_nGgN8kEttjZD-WrQop_muGsgPv5fzssOh_ut4mQA4nG6gLuafFYiHy1OiTmRpitbPL-_gq-DaUslJY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsoku.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-995799-i1-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame 7388 35 B
427 B 89ms
27ms Image
image/gif 142.250.184.242
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-995799-i1-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.242 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f18.1e100.net

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-995799-i2-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame 7388 35 B
427 B 49ms
13ms Image
image/gif 2a00:1450:4001:80e::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-995799-i2-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2012 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:08:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: um.wbtrk.net
URL: https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEGs_RL9HmKaU-KHYhmgkKZQ&google_cver=1&google_push=AYg5qPK_bHFQCQ8HfwAqSXnfCHveN2Myejt0h2K_wi6nIWAktcS-d-9q2wPZB24SyLb2BX3CUuyoplxkbPSE_DQfaKfHpAZ2HMeQ

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzNkNGU2NDZhOGZiNGZhMTU4MDkwMDhhNzYxYjRhOTU=&google_push=AYg5qPK_rDm8XMYf-GEHQJ90j3nwvcJ-9WI5Ttq0nYIhjx-eoczizlEZNv4Lz3dtVUq5_EbjtmC7f0ikRfQWYDVexxP90IhCIT24&google_tc=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NzNiMDI1M2YtMzc1Mi00NDI0LThkNWEtZGExYjQwOGIwOGNh&google_push=AYg5qPLp01fHxmM0uMawz_HJkIrouDbApWDDh_AvgQUNaWisACk2ZLY3LwEhDHuAzwu5RbHQcuvmwq7I6S7h7YvDzFHXCEwqn5zdgA&google_tc=

Domain: cloudflareinsights.com
URL: https://cloudflareinsights.com/cdn-cgi/rum

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 20:13:24	Name: test_cookie Value: CheckForPermission

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=600&slotname=4858775902&adk=2423983721&adf=4117875246&pi=t.ma~as.4858775902&w=300&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319581&bpp=2&bdt=1257&idt=2&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=274&ady=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lCDDxK0JOU&p=https%3A//newsoku.blog&dtd=6
console-api	log	URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1s4y1w1p/hdd34.js(Line 1) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://newsoku.blog/wp-content/cache/wpfc-minified/1s4y1w1p/hdd34.js(Line 54) Message: q2w3_sidebar_options not found!
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4110214929210244&output=html&h=280&slotname=3175488137&adk=148966444&adf=3061787000&pi=t.ma~as.3175488137&w=336&fwrn=4&fwrnh=100&lmt=1628003318&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fnewsoku.blog%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628003319599&bpp=1&bdt=1275&idt=1&shv=r20210729&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D70788018dd48af57-22dd5d5890c900e0%3AT%3D1628003319%3ART%3D1628003319%3AS%3DALNI_MbaYN8En-COu8JidTAj9lI-9LYyQA&prev_fmts=0x0%2C1106x280%2C1106x280%2C680x280%2C300x600&nras=1&correlator=1858602499989&frm=20&pv=1&ga_vid=1952375638.1628003319&ga_sid=1628003319&ga_hid=1915987041&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=256&ady=3901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=1267796506519893&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=jWuEFoM6Mx&p=https%3A//newsoku.blog&dtd=5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

04b69d6d8560a76f08fdb9f6dcb725ab.safeframe.googlesyndication.com
352510982c2b3d189368b9f6ac9ac6e8.safeframe.googlesyndication.com
81d96fc7c4b1ba15300e6092c7f0125f.safeframe.googlesyndication.com
a.c.appier.net
ad.jp.ap.valuecommerce.com
ad.turn.com
ads.yieldmo.com
adservice.google.ch
adservice.google.com
adservice.google.de
aid.send.microad.jp
b4c78a955062d9a7c1c9dcde3c5921a0.safeframe.googlesyndication.com
blogroll.livedoor.net
c.eu1.dyntrk.com
cache.send.microadinc.com
cdn-fluct.sh.adingo.jp
cdn.ampproject.org
cloudflareinsights.com
cm.g.doubleclick.net
counter1-cdn-ssl.fc2.com
counter1.fc2.com
csi.gstatic.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
feedrapp.lliy.biz
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
gum.criteo.com
i.adingo.jp
i.imgvc.com
j.microad.net
jgl.microad.net
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
mlb.valuecommerce.com
mts0.google.com
newsoku.blog
p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-995799-i1-v6exp3.v4.metric.gstatic.com
p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-995799-i2-v6exp3.ds.metric.gstatic.com
p4-azawbssdnwqhi-mqnd6znxwtgq5ixb-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
px.ads.linkedin.com
r.scoota.co
r.turn.com
rranking9.ziyu.net
rtb.openx.net
s-rtb.send.microadinc.com
securepubads.g.doubleclick.net
sh.adingo.jp
sh.zucks.net
sm.rtb.mts.ru
ssbsync.smartadserver.com
ssp.adriver.ru
ssp.send.microadinc.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.1rx.io
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tech.rtb.mts.ru
tpc.googlesyndication.com
tr.blismedia.com
um.wbtrk.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cloudflareinsights.com
cm.g.doubleclick.net
um.wbtrk.net
103.142.125.193
103.142.125.195
104.111.228.89
13.248.242.197
130.211.14.194
133.242.86.196
142.250.181.226
142.250.184.242
142.250.186.163
142.250.74.194
143.204.98.55
147.92.191.167
159.65.196.12
172.104.105.5
178.79.242.41
18.184.94.176
18.210.5.212
185.29.135.226
185.86.137.107
2001:678:cb4:bbbb::11
202.233.84.1
210.140.114.22
210.140.201.9
210.152.186.218
213.19.147.44
213.87.44.187
217.66.147.162
2606:4700:3033::6815:3978
2606:4700:3035::ac43:af3d
2606:4700::6810:5e41
2606:4700::6810:5f41
2620:119:50e3:101::6cae:b45
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2012
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9d
2a00:1450:4010:c0a::5e
2a02:2638::1c
2a02:fa8:8806:12::1370
2a04:4e42:3::737
34.212.109.130
34.96.105.8
35.157.249.55
35.158.223.21
35.186.193.173
35.186.253.211
44.194.225.67
51.178.20.139
52.17.35.107
52.208.100.147
54.249.21.2
81.222.128.215
85.114.159.93
00a0d0da4524782a36ccb400080add32816b7a813c9bbef382913dac381abd5a
01ac0b8e84e2e1291f832e521a0382c7bd8a93dcfbdc0514b3ed5a02e607f1c7
032d7424ff8648f023de44b87fecd221968b9e3452d64ad8b39867381d8ad53c
05c43a7a09a10889ed3e26315298115bf370c6b7318502fc26db583d30d6bd40
0745d5244ce414b3c41c4e9d3c71c61bae9ed3bf397cd4b4c4bcfa91e9dd5ba3
0b80f6bab833ac724ca1abba7179e4cc76eded869df0929184e4f5a1145f960a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d80f3242f87172d31de75947d120ff8da9caf53b5827e5ca96c2bce0daaad19
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f291be20656907c8df9b192ff260ea1d2e02d433cc9c243568db93b2fe7c026
0f67a744ec50567f11b95186ba88b16abdccb649be04777f4108430c2429929f
11c4b6aac8a71e3c7ea7ee134e871895f33ee8ce8481431b5f0b6145370b6a5a
13b4cb1e8f744dbc4085d2d55103bf1be6f2eefbdca1b7b78fd9447bfe279c95
1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909
1780f5cfab0200a003ac252b6ada34ff27fda228f075546ec3a6a344d0df426d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18823a038c5c0161d2ee22fdce041611e8afdda41b9a32e1e8238225c7bafbff
1be85989c4f40b08a96cb0180f37bad09e0a9242cf8e385498c10bf66d3a51c2
1e50f76135cc95fff5370f1cc12cf75aaec06a62d6506be45de107fa968a245d
21161526e04840490e533e0233cabdd93eb1fe6632c84622e192c023c3bcc21b
2152e009f6f6a4b2cd233039b8cf3652dd9c7702462b0a92fe37654505a5d981
236caf7e2e9841d778636516c702aea4d731e8b975087adef8663c38be73aa7a
24180076912619bfdda14fe2cd15327c01d178bda15002cf9c2e4e8bb20abb8f
2423c9273ade507c8558a65499ee15ba19237cc11833e53a356fcd28179f0848
2456fb8d798b3cd903d1d5aa87ab4a0d04041905c11193466c2c13ba0de854c0
24b46213f316c4339410661249924ae9ec8dc9cccb2a2ff3cba18212e879fa3f
251d2b5423a0840a5487933246d2662ec3df5244480dd53c6231f12f60d58349
25897b37917ec3d56c2532ea78e2420c36b08af75b8af7bd94d1bd0d1a0ea4fb
26f90071422a01b2d41f6e76aa7ef14053db9b988d9daa055d57e204d4083fbf
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2be571bb157e91a4b0d4dccac8883ffe3f5af5dc0b527464ad2916901344555d
2eddec2ca7c220a9be44b28bd5f6fa18401480c4449fecdb559eb9ab8513463c
2fdc1be927c5fc7bbe9e2d1f556e0abef235d7f04b14056c7e5a53dca617cfe0
3191b46c3e68fc6e7da713a04e64f257e5eea0ae0b4b477031a1b885d9e83130
31f6e6c579a8ff2b68df6a0835b6cc55e6e127da579b3015db8529c3ad25cc6e
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33ee4a8c8a79b4ad2409c2fa5a560647c1ae021e0e497a1583fecae77e9da829
3797f447bfc7d0b40b680141d493479c6017d494fd2c711b7d50fdb86d9a2809
38514c8f34e2825e860a6f3b1c9b1981cd75ee81238999a52aaa7a0ad0873bbf
396a64dbad0329e4c3687da65342ca6b1633e0adfebb5ccbdf52a79e8bb28d37
3a0e75996c3d46bc700f5afe72b5ca7518c8922bfb7bf2533da0e9c81764549b
3a8e4c86e7b057ed0163644164fa0538234308e226deb7934278a2b95a21da5e
3b3c3a714f1f02c5a2170135d230c23391ed4876eec1b5a6b80a456ae7602350
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70
4365d8a4c65e281fd14d7802f528c5d164524fb4637821acd4bcb2ba8083900e
43cebd3a608ebebdb9077fd9cb68e7d47941b5d10fcd7e41f7e05025db54a4b9
44ccdd6493fd66e1bd0a1a3400877c951c72431a7af3ad8051ac4795ba813816
4527c806df258be9d6ac87c7056b67493ed62b0ab9d77a65a77773cbc4c2cb66
4659031891bafc2ea1d492464f6304a4ab4014b02cf94716dc17ca96793d4448
46bdf98ce93980c477de96ced5a49b0c17a2b5207097506b76f1bfd413c8c22b
46ffaecafd3168c8a1886374da78cf22b9410fc6687b5cc6e9d02d9029b46256
477985b51222038f2370de006db4a40db9d45d9b50d935936949c8b330e703e5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
491cd918bd3246b23e93574abfcd5200eb3649fb095d4a7e20f7f068bc53a90a
4dbbf8d44a9a55ac9a1fe47d32e14e06db3bd8402711690172e2f1e64a0c4165
4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0
4f966bf43f2e7cee47386687c82018c769becf7210ace5e67535739b62a968a1
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fdf598bdfa945144137fd55cc9fd8fc86e29219e3e78e315734bcf72f1bcd0c
50e9eac0952feb208cb45b749e0e758faed9e41e814c2e1193ba44c1acd64356
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54a37f6b7e605a186be68e0014a2272f7c90902efcd4b95c30f5591c644b1c07
552c61b3b4d0d0e7b457353852c366ed67f863a524e2e1c5d1a2cbabedc42909
55da1af7798ece12a69be0e27d50b3d3578d4009c0ecf71aff8694b8528b4ef1
582a2d1e56d7d3d5b1016936f17c6546f8e0c83692062b426664b42594ce6ce7
59af45ac1734c6a3c42f9341dbeebe8856eaea3f0cde6e89762540e54714f1eb
5a6e38e6b094757fceda18c7f4b08d76a240c59d74ba49747db5a29644cc9e7d
5c6f3625274ab1e5a5aa63dce9d78aaf5207ac380604e7cad469d18bab46406a
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1
5e9c977bb143d804e5e7503df054ba529da052aa6a94891f03cc0a4b99ceac77
5f40816c8f9caab013dce5ea0926b5c38b2bee51036d6dfe642f79e8c2f6510b
5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4
60e627b061c0458373f2c4f81b1aa777ee898fbfc1de98a7c1766ba736ff6d90
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6300d6629cba686ceec6b44c979a8c83127baa72d2fa10374aeb41005d4002db
6618eded05d8bf560343ef87772a0152b51d2374fc06121c9b2bff1542df78e0
693bb2b202a2371b7c81e4968f24e5c70beeef526953941e5b9f3aa964f42d19
6b0e27a75265d66818b7d21b2f049f36ec16ba0084246f161d2d2cfc3e9c4040
6c64daf911643b5212275ae769d35ea84a159704fcee2594c92bd655b51fc7e5
70b315f4b1ab5a1d1114714f2e4a21b5652e4ec55a09ea3d2fb3e55254429b1a
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
78a94c206bfcbb8c13f0991b653c71ff50b4feddc6818ae9edb88f048846ec15
78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed
7c689d09d8b6ecb19e622aa51f0db38e33dfcd35a3d26419bf4b8fcf235fe221
7ddeb781dd96c020a95231cecbdd2f075a32235aa14e26cce2ead5531efd80f8
82810b9b842b7e32470c4f154051e3293db4e59a25af387425567577c6ddb84d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8365b5198a29f1254f938c7863af48baae82a54572e497b86480936860336aa5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
89fabdb338f961ada69fc54d26edeb61a3aaefac4e51206f47789bb47827264f
8c641f871d303f00c2431556fca2d50690ff200abd043196c8758e4bc590b848
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eb2ef3f120cb7cdf7307489008aabe8f9ed2bd7a3731c1c3aed0a9e29c6d415
8ecd8a2a755277092117f555282f52424d3d041ec869e59112df2bbd408d6f95
93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66
94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e
951a39578447c900897fb1c1a5228bcfaa75ae369f88a491d9365a72fe373eb1
952105810639a287608d81a207f6457caa592cc224f48945e27bda7105a1a5a8
9908d1f53b4dcf722f59376276c005cb3a187cd142d9be15db695da4ea1c9dd9
992b2fdff553006dd4b943a17d8f6c85fe1bea57907ef57d466baec7c2a1a893
99c138202f220f26bc6441116f6e7e53b261a48709ad36546d0de945f418d3e4
9a283c5f794ceb65117b3616612560b09199d82daa99f50187afaad1a2c5c732
9a2a73e53d1ef7e569c68c3885fbf26c3fa895e5b724c2f79c40cf26f4919273
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d13f808bb67864acf7117755a87e4c9c033416736075a7959176de663025d71
9e43d52b52e0432c5d9c39c6fd337162ab0656c3291300f69907b76acdd3819f
9e9acccf65e489a80e935906fc427eb227177f5b53224605903a8c57ae882bf0
a058429f767d4eed8439da0f4b34868c79bab6909a2a3597916a90d7ed0664fe
a4071dbca008823e72a0fbcf9f4806230d5a8cf68884f4450981ed686f9e24b5
a489692e0aa52e287bc5482b045f756e530a9b551ba55203d0bbff6147041b98
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7fa4fe1baf1143b8ca47e70cb1ef29a05bdbd9905a2de83b865d74345fa076f
a8ec2dc0c4be3e5fc619defcf1ad621da4b82e1ede50060cfa2d1b8ded6df921
a8f3e2854cce3c90cfd1c7113495237bec2faeab89f85330f94c505b02711f2d
aa86d8de79bb079f356f46778a7ae56a9c5131fe0064cbdf7e946b59ae2672b3
aaf6d87f6baf6032a7c5f0963a2b1c0777b3818cf056b20cb421a11fb3019a9b
abdf77d7d21070b537ca17c17dd4a569b3ac19b32af7a5a7d797d99781123fbe
adbd9cb2bedd56368be5b47be178c83fc8e51983ea6415fb81f5f3d1d948317b
ae3d01ce60fae6ac2b80ea3c6aaed648df5d5eb3044661e1577966f9dea633b6
b0221299ca1ddedab7893318b8f9b2b070e0a829f321510cb2892b376f0ee3e6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b31a2dfb910d5e0292d6639f0c1a9b6ecc2471ba71ba18e3dc27cd5a033cf463
b368359e282a537881629e0e2aa8b6639bc61f41c9689a575d0057edbbd7a9f4
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
b6f458f491e7ecde0a4e60957a29acdb0aa2af0c9834a0a64bf349f7a949aca6
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c
ba2820b0e1ef34d6e7b3cedae73f5cacd148e50d1cde26f45049b1aeeb5f012b
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a
c54bad592dee9c726bf1781ed73e7ab8d5906d0f558a454011e3825c5ae185c1
c8efcb1e9a27f93ac0fa629bc5af03f4e590bcece7d9c9479d098f8e66d1da43
cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d06564850f6dde47de820b8e316c460eb034243c23547eae16c76e4eaa89d951
d3289ff1eeb29416aaf4ad9760dd59d8a04108138d39298e00c112fd097c00c6
d5a7079611270b8f242e09cfb89559e4a7ba77243bf9a5aba175a7aeb9323b67
d684ec10181e9bb78ff9c4fcc690967c7ad4eab281df878155b060e97a08c5da
d715818e1da0b1734752b170e87def4289e4598c02291de34b5f20c4bc0bc519
d8810da4c489a6a73ecaa3a4355666adfc1ade70a064d0a6a308a22bac71386c
d9eaa07a41373347d4a952ceeec9c707f8a41d45c253a95a782cf0a5727e4669
dac43ee603984a0cc147709cfa5c93cd3d42ea34dd2af211469fabfeacaf230c
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013
ddcbb7b6f3e6ca8ed9ba275cdecf2a46f6e52342ee3b1d5f1e7be868f168b450
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e08223ed22ff67b5f44d145e598133b54fea34ab5830af0954c4557c323c246c
e353d4321b4e069a05fd434c4b17e7b5207f8a8bdf7326f3917f513b514c9781
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4
e789af88035c963e2e592312981c4ce1ab86a1e0d62600f3a09bb81219cc52a5
e7f8fb3de1908cf50ce35acee4c5932760e17fba860ec7c2a591ea5dcffa306d
ea6403bd57b1dbaaba6f09e9e866a11024b05d8ba68c5bc2f43d0d547f8277f1
eaef7318763f1b2b04f86fd3ab0ee028f8ce31f53f3e2eaf8f098bdb0fce0897
eca99dbbf29504adfe26e21761f1e5112df070d33a2014d9ecaa9fcfce2dd08b
ed0abb891628b5888eb336858e3cd3ec1b52a22f20b7ed999acd546e798026d1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19ec923daf7d72e5f2f155ba6229ffde0afd953ce121b44c1ad55e332db58f0
f47c010865dd2f8ca816ba441d757b2bd4b3bf4f615b8b682cca0e6f2670361d
f62621fd526781abbdedb404cd5fce6486e8e68933bfc761cd9117c36e3cc714
f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5
f82eeb7d741fcdd22be2f05939c7196ba620b539243541c6a56ab6cd62462613
fb39bc66f48ae2764e26903a9e4ba387d4fb00254e72dcf76c8d663fb92504d2
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fbff6753a3068fe064dee668f39e1cff9f2d522b9f1bd90d9fa4e331aa1c7bd4

newsoku.blog Open in urlscan Pro 2606:4700:3035::ac43:af3d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

354 Requests

99 %HTTPS

41 %IPv6

51 Domains

77 Subdomains

46 IPs

10 Countries

3439 kBTransfer

8543 kBSize

1 Cookies

118 Outgoing links

Redirected requests

354 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

newsoku.blog Open in urlscan Pro
2606:4700:3035::ac43:af3d Public Scan

Screenshot
Live screenshot

Full Image

354
Requests

99 %
HTTPS

41 %
IPv6

51
Domains

77
Subdomains

46
IPs

10
Countries

3439 kB
Transfer

8543 kB
Size

1
Cookies

354 HTTP transactions
11 data transactions