urlscan.io logo urlscan.io
SecurityTrails logo

www.nyasatimes.com Open in urlscan Pro
2606:4700:20::ac43:4681  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nyasatimes.com/
Effective URL: https://www.nyasatimes.com/
Submission Tags: tranco_l324
Submission: On November 09 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 100 IPs in 13 countries across 96 domains to perform 857 HTTP transactions. The main IP is 2606:4700:20::ac43:4681, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nyasatimes.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 15th 2021. Valid for: a year.
This is the only time www.nyasatimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 20 2606:4700:20:... 13335 (CLOUDFLAR...)
6 94.31.29.96 33438 (HIGHWINDS2)
6 2606:4700:303... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
12 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.129.250.65 16509 (AMAZON-02)
1 18 2a00:1450:400... 15169 (GOOGLE)
46 142.250.186.130 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 2.18.235.93 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 148.69.64.76 12353 (VODAFONE-...)
5 35.190.90.202 15169 (GOOGLE)
1 1 83.147.204.132 202492 (SGHL1-AS)
1 1 178.253.54.48 202492 (SGHL1-AS)
1 2 45.135.122.42 56630 (MELBICOM-...)
1 21 151.101.193.44 54113 (FASTLY)
50 2a00:1450:400... 15169 (GOOGLE)
7 142.250.186.98 15169 (GOOGLE)
16 151.139.128.11 20446 (HIGHWINDS3)
2 2.18.234.233 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 142.250.186.142 15169 (GOOGLE)
2 2 66.155.71.25 13768 (COGECO-PEER1)
2 18.158.22.228 16509 (AMAZON-02)
5 5 3.120.169.248 16509 (AMAZON-02)
1 1 3.70.38.61 16509 (AMAZON-02)
17 146.20.128.151 27357 (RACKSPACE)
1 2a00:1450:400... 15169 (GOOGLE)
6 142.250.186.161 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
35 146.20.132.196 27357 (RACKSPACE)
8 8 2001:678:cb4:... 56396 (AMOBEE)
1 2 2a03:2880:f11... 32934 (FACEBOOK)
87 146.20.128.190 27357 (RACKSPACE)
3 14 37.157.2.237 198622 (ADFORM)
3 185.94.180.123 35220 (SPOTX-AMS)
28 35.156.156.223 16509 (AMAZON-02)
104 2.18.233.180 16625 (AKAMAI-AS)
37 142.250.186.65 15169 (GOOGLE)
8 2600:9000:215... 16509 (AMAZON-02)
5 142.250.185.97 15169 (GOOGLE)
2 20 185.33.220.243 29990 (ASN-APPNEX)
3 8 185.64.190.78 62713 (AS-PUBMATIC)
2 2 213.155.156.166 1299 (TWELVE99 ...)
7 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
10 38 172.217.16.130 15169 (GOOGLE)
2 2 185.29.134.248 30419 (MEDIAMATH...)
2 198.47.127.20 3257 (GTT-BACKB...)
1 2 159.122.14.34 36351 (SOFTLAYER)
15 185.64.189.110 62713 (AS-PUBMATIC)
3 3 35.71.131.137 16509 (AMAZON-02)
2 2 2620:116:800d... 16509 (AMAZON-02)
20 185.64.189.111 62713 (AS-PUBMATIC)
15 2a00:1450:400... 15169 (GOOGLE)
7 142.250.185.195 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 6 2.18.234.21 16625 (AKAMAI-AS)
4 6 35.244.159.8 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
8 3.139.192.142 16509 (AMAZON-02)
32 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::300 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 151.101.194.49 54113 (FASTLY)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 34.192.120.237 14618 (AMAZON-AES)
2 2 18.156.0.31 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 51.75.146.160 16276 (OVH)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
8 138.201.135.164 24940 (HETZNER-AS)
1 4 144.76.104.53 24940 (HETZNER-AS)
4 4 145.239.193.130 16276 (OVH)
2 88.198.250.30 24940 (HETZNER-AS)
1 3 104.111.239.217 16625 (AKAMAI-AS)
1 1 85.239.105.10 16097 (HLKOMM 04...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 46.236.13.147 12703 (PULSANT-AS)
2 2 94.23.99.218 16276 (OVH)
2 54.76.176.197 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.98.5 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 162.55.6.212 24940 (HETZNER-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 72.251.245.179 29791 (VOXEL-DOT...)
3 3 213.19.147.45 3356 (LEVEL3)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 169.197.150.7 398989 (DEEPINTENT)
1 1 195.5.165.20 44968 (IPROM-AS)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 185.33.221.53 29990 (ASN-APPNEX)
1 52.208.210.171 16509 (AMAZON-02)
2 52.215.101.139 16509 (AMAZON-02)
1 38.27.122.158 174 (COGENT-174)
2 2 3.127.92.82 16509 (AMAZON-02)
1 1 87.98.242.60 16276 (OVH)
1 1 54.175.198.118 14618 (AMAZON-AES)
1 1 52.202.13.238 14618 (AMAZON-AES)
2 108.128.44.193 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 151.101.193.108 54113 (FASTLY)
2 5 35.244.174.68 15169 (GOOGLE)
4 34.98.67.61 15169 (GOOGLE)
1 1 35.186.253.211 15169 (GOOGLE)
2 2 69.173.144.165 26667 (RUBICONPR...)
2 3 2a05:d01c:1d8... 16509 (AMAZON-02)
1 1 217.182.200.29 16276 (OVH)
1 2 185.94.180.126 35220 (SPOTX-AMS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
3 3 63.32.201.39 16509 (AMAZON-02)
4 4 104.111.215.191 16625 (AKAMAI-AS)
2 142.250.184.227 15169 (GOOGLE)
1 1 18.196.159.27 16509 (AMAZON-02)
3 78.46.90.238 24940 (HETZNER-AS)
1 2 142.250.186.102 15169 (GOOGLE)
1 1 69.173.144.139 26667 (RUBICONPR...)
2 142.250.74.194 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 74.205.28.1 27357 (RACKSPACE)
2 4 143.204.98.125 16509 (AMAZON-02)
2 213.254.244.20 36062 (DOUBLE-VE...)
1 142.250.184.242 ()
857 100
20    2606:4700:20::ac43:4681 (United States)

ASN13335 (CLOUDFLARENET, US)
nyasatimes.com
www.nyasatimes.com
6    94.31.29.96 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.96.IPYX-077437-ZYO.above.net
3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com
6    2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
8    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
12    2606:4700:10::6816:4d5b (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
lp.cleverwebserver.com
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
ads.vidoomy.com
18    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
46    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
partner.googleadservices.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pagead2.googlesyndication.com
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
4    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    148.69.64.76 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com
sender.clevernt.com
5    35.190.90.202 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 202.90.190.35.bc.googleusercontent.com
steadfastsystem.com
1    83.147.204.132 (Iran, Islamic Republic Of)

ASN202492 (SGHL1-AS, NL)
refpasrasw.world
1    178.253.54.48 (Iran, Islamic Republic Of)

ASN202492 (SGHL1-AS, NL)
links22.com
2    45.135.122.42 (Amsterdam, Netherlands)

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)
22bet.com
21    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
match.taboola.com
50    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads.g.doubleclick.net
adservice.google.com
16    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
ad.lkqd.net
creative.lkqd.net
2    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net
cse.google.com
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    18.158.22.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-22-228.eu-central-1.compute.amazonaws.com
a.vidoomy.com
5    3.120.169.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-169-248.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    3.70.38.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-38-61.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
17    146.20.128.151 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
6    142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
1    2600:9000:2156:7800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
35    146.20.132.196 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
8    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
87    146.20.128.190 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
14    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
c1.adform.net
3    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
28    35.156.156.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
104    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
aktrack.pubmatic.com
37    142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net
tpc.googlesyndication.com
8    2600:9000:2156:7a00:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
5    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
cdn.ampproject.org
20    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
8    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    213.155.156.166 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com
d5p.de17a.com
7    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
38    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
2    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
15    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
20    185.64.189.111 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
15    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
7    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
www.gstatic.com
9    2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
8    3.139.192.142 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-139-192-142.us-east-2.compute.amazonaws.com
vid-io-cle.springserve.com
32    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    34.192.120.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-120-237.compute-1.amazonaws.com
a.audrte.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a05:d018:d29:3602:583a:9407:39a3:79c8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    51.75.146.160 (France)

ASN16276 (OVH, FR)
PTR: de03.roqad.pl
ws.rqtrk.eu
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
8    138.201.135.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de
hal9000.redintelligence.net
4    144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de
hal900022.redintelligence.net
4    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
2    88.198.250.30 (Schwaig, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
3    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
1    85.239.105.10 (Leipzig, Germany)

ASN16097 (HLKOMM 04107 Leipzig, DE)
trf.greatviews.de
5    2606:4700::6813:ba79 (United States)

ASN13335 (CLOUDFLARENET, US)
singles.parship.de
2    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
2    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
2    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
1    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    143.204.98.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-5.fra50.r.cloudfront.net
analytics.webgains.io
1    2606:4700::6810:9df3 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
1    162.55.6.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    72.251.245.179 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com
ads.playground.xyz
1    185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    52.208.210.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
2    52.215.101.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
api.webgains.io
1    38.27.122.158 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
2    3.127.92.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-92-82.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    87.98.242.60 (Saarbrücken, Germany)

ASN16276 (OVH, FR)
PTR: ip60.ip-87-98-242.eu
green.erne.co
1    54.175.198.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-198-118.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    52.202.13.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-13-238.compute-1.amazonaws.com
sync.ipredictive.com
2    108.128.44.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-44-193.eu-west-1.compute.amazonaws.com
eum-eu-west-1.instana.io
5    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
5    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    2a05:d01c:1d8:8100:f976:bfd0:751d:6023 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
1    217.182.200.29 (France)

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl
googlecm.hit.gemius.pl
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
3    63.32.201.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-201-39.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
4    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
2    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
p4-fuszz6cmgm5pa-whplufyift7qeelh-if-v6exp3-v4.metric.gstatic.com
1    18.196.159.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-159-27.eu-central-1.compute.amazonaws.com
d.agkn.com
3    78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de
hal900019.redintelligence.net
2    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
8019191.fls.doubleclick.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a02:26f0:6c00:286::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
1    74.205.28.1 (United States)

ASN27357 (RACKSPACE, US)
server-204.lkqd.net
4    143.204.98.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-125.fra50.r.cloudfront.net
sb.scorecardresearch.com
2    213.254.244.20 (United States)

ASN36062 (DOUBLE-VERIFY, US)
tps.doubleverify.com
tps20243.doubleverify.com
1    142.250.184.242 (None, )

ASN- ()
p4-fuszz6cmgm5pa-whplufyift7qeelh-762194-i2-v6exp3.v4.metric.gstatic.com
Apex Domain
Subdomains		 Transfer
157 pubmatic.com
vpaid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
vid.pubmatic.com
aktrack.pubmatic.com
aud.pubmatic.com
1 MB
156 lkqd.net
ad.lkqd.net
v.lkqd.net
cs.lkqd.net
t.lkqd.net
creative.lkqd.net
server-204.lkqd.net
1 MB
126 googlesyndication.com
pagead2.googlesyndication.com
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
tpc.googlesyndication.com
2 MB
86 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
8019191.fls.doubleclick.net
googleads4.g.doubleclick.net
422 KB
28 advertising.com
ads.adaptv.advertising.com
12 KB
26 google.com
www.google.com Failed
cse.google.com
adservice.google.com
50 KB
23 taboola.com
cdn.taboola.com
trc.taboola.com
images.taboola.com
pips.taboola.com
cds.taboola.com
match.taboola.com
257 KB
22 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
40 KB
20 nyasatimes.com
nyasatimes.com
www.nyasatimes.com
301 KB
18 googletagservices.com
www.googletagservices.com
665 KB
16 springserve.com
vpaid.springserve.com
vid-io-cle.springserve.com
697 KB
15 redintelligence.net
hal9000.redintelligence.net
hal900022.redintelligence.net
hal900019.redintelligence.net
104 KB
14 adform.net
adx.adform.net
c1.adform.net
9 KB
14 gstatic.com
fonts.gstatic.com
www.gstatic.com
p4-fuszz6cmgm5pa-whplufyift7qeelh-if-v6exp3-v4.metric.gstatic.com
p4-fuszz6cmgm5pa-whplufyift7qeelh-762194-i1-v6exp3.ds.metric.gstatic.com Failed
p4-fuszz6cmgm5pa-whplufyift7qeelh-762194-i2-v6exp3.v4.metric.gstatic.com
275 KB
12 cleverwebserver.com
scripts.cleverwebserver.com
ui.cleverwebserver.com
lp.cleverwebserver.com
209 KB
10 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
49 KB
9 2mdn.net
s0.2mdn.net
93 KB
8 turn.com
ad.turn.com
3 KB
7 openx.net
us-u.openx.net
rtb.openx.net
1014 B
6 medialead.de
pv.medialead.de
medialead.de
4 KB
6 casalemedia.com
dsum-sec.casalemedia.com
4 KB
6 fontawesome.com
use.fontawesome.com
197 KB
6 netdna-ssl.com
3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com
261 KB
5 rlcdn.com
id.rlcdn.com
2 KB
5 parship.de
singles.parship.de
15 KB
5 everesttech.net
sync-tm.everesttech.net
pixel.everesttech.net
2 KB
5 ampproject.org
cdn.ampproject.org
103 KB
5 spotxchange.com
search.spotxchange.com
sync.search.spotxchange.com
5 KB
5 bidswitch.net
x.bidswitch.net
3 KB
5 steadfastsystem.com
steadfastsystem.com
31 KB
4 scorecardresearch.com
sb.scorecardresearch.com
2 KB
4 doubleverify.com
cdn.doubleverify.com
tps.doubleverify.com
tps20243.doubleverify.com
97 KB
4 addthis.com
e.dlx.addthis.com
3 KB
4 mookie1.com
odr.mookie1.com
642 B
4 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
2 KB
4 google.de
adservice.google.de
1 KB
3 innovid.com
ag.innovid.com
1 KB
3 rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
1 KB
3 instana.io
eum.instana.io
eum-eu-west-1.instana.io
10 KB
3 webgains.io
analytics.webgains.io
api.webgains.io
51 KB
3 awin1.com
www.awin1.com
2 KB
3 adsrvr.org
match.adsrvr.org
1 KB
3 vidoomy.com
ads.vidoomy.com
a.vidoomy.com
6 KB
3 google-analytics.com
www.google-analytics.com
20 KB
2 w55c.net
pm.w55c.net
2 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 ad-server.eu
ad-server.eu
624 B
2 webgains.com
track.webgains.com
3 KB
2 media01.eu
pb.media01.eu
811 B
2 audrte.com
a.audrte.com
1 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 teads.tv
sync.teads.tv
344 B
2 quantserve.com
pixel.quantserve.com
cms.quantserve.com
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 facebook.com
www.facebook.com
3 KB
2 sitescout.com
pixel-sync.sitescout.com
600 B
2 facebook.net
connect.facebook.net
77 KB
2 stickyadstv.com
ads.stickyadstv.com
1 KB
2 22bet.com
22bet.com
688 B
2 clevernt.com
sender.clevernt.com
786 B
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com
37 KB
1 agkn.com
d.agkn.com
763 B
1 gemius.pl
googlecm.hit.gemius.pl
339 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 stackadapt.com
sync.srv.stackadapt.com
653 B
1 erne.co
green.erne.co
326 B
1 bnmla.com
match.bnmla.com
114 B
1 googleadservices.com
partner.googleadservices.com
278 B
1 gumgum.com
rtb.gumgum.com
238 B
1 playground.xyz
ads.playground.xyz
485 B
1 iprom.net
core.iprom.net
522 B
1 deepintent.com
match.deepintent.com
44 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 adgrx.com
cm.adgrx.com
408 B
1 ad4m.at
ad4m.at
915 B
1 loopme.me
csync.loopme.me
217 B
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
1 greatviews.de
trf.greatviews.de
1 KB
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 rqtrk.eu
ws.rqtrk.eu
516 B
1 zeotap.com
mwzeom.zeotap.com
456 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
334 B
1 adsafeprotected.com
static.adsafeprotected.com
482 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com
320 B
1 cloudflare.com
cdnjs.cloudflare.com
7 KB
1 links22.com
links22.com
520 B
1 refpasrasw.world
refpasrasw.world
198 B
1 media.net
contextual.media.net
46 KB
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 onaudience.com Failed
pixel.onaudience.com Failed
857 96
Domain Requested by
87 t.lkqd.net ad.lkqd.net
69 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.nyasatimes.com
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
51 pagead2.googlesyndication.com www.nyasatimes.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
www.google.com
43 vpaid.pubmatic.com ad.lkqd.net
vpaid.springserve.com
blank
41 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
38 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
35 cs.lkqd.net ad.lkqd.net
28 ads.adaptv.advertising.com ad.lkqd.net
vpaid.springserve.com
27 securepubads.g.doubleclick.net www.nyasatimes.com
securepubads.g.doubleclick.net
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
www.googletagservices.com
20 aktrack.pubmatic.com
20 vid.pubmatic.com vpaid.pubmatic.com
20 ib.adnxs.com 2 redirects vpaid.springserve.com
googleads.g.doubleclick.net
acdn.adnxs.com
19 www.nyasatimes.com 1 redirects www.nyasatimes.com
3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com
18 www.googletagservices.com securepubads.g.doubleclick.net
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
18 www.google.com www.nyasatimes.com
cse.google.com
securepubads.g.doubleclick.net
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
17 v.lkqd.net ad.lkqd.net
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
www.nyasatimes.com
googleads.g.doubleclick.net
15 simage2.pubmatic.com ads.pubmatic.com
15 ad.lkqd.net www.nyasatimes.com
ad.lkqd.net
10 adx.adform.net ad.lkqd.net
10 lp.cleverwebserver.com www.nyasatimes.com
lp.cleverwebserver.com
9 s0.2mdn.net www.nyasatimes.com
s0.2mdn.net
9 cdn.taboola.com www.nyasatimes.com
cdn.taboola.com
8 hal9000.redintelligence.net 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
hal900022.redintelligence.net
googleads.g.doubleclick.net
hal900019.redintelligence.net
8 vid-io-cle.springserve.com vpaid.springserve.com
8 image6.pubmatic.com 3 redirects ads.pubmatic.com
8 vpaid.springserve.com ad.lkqd.net
8 ad.turn.com 8 redirects
8 images.taboola.com
8 fonts.googleapis.com www.nyasatimes.com
lp.cleverwebserver.com
hal900022.redintelligence.net
googleads.g.doubleclick.net
hal900019.redintelligence.net
7 www.gstatic.com www.google.com
googleads.g.doubleclick.net
7 image2.pubmatic.com ads.pubmatic.com
7 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
8019191.fls.doubleclick.net
6 us-u.openx.net 4 redirects googleads.g.doubleclick.net
6 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
6 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 use.fontawesome.com www.nyasatimes.com
use.fontawesome.com
6 3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com www.nyasatimes.com
3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com
5 id.rlcdn.com 2 redirects googleads.g.doubleclick.net
5 singles.parship.de hal900022.redintelligence.net
singles.parship.de
eum.instana.io
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 x.bidswitch.net 5 redirects
5 steadfastsystem.com www.nyasatimes.com
steadfastsystem.com
4 sb.scorecardresearch.com 2 redirects
4 e.dlx.addthis.com 4 redirects
4 odr.mookie1.com googleads.g.doubleclick.net
4 pv.medialead.de 4 redirects
4 hal900022.redintelligence.net 1 redirects 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
hal900022.redintelligence.net
4 c1.adform.net 3 redirects ads.pubmatic.com
4 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
3 hal900019.redintelligence.net hal9000.redintelligence.net
hal900019.redintelligence.net
3 pixel.everesttech.net 3 redirects
3 ag.innovid.com 2 redirects googleads.g.doubleclick.net
3 www.awin1.com 1 redirects googleads.g.doubleclick.net
3 match.adsrvr.org 3 redirects
3 search.spotxchange.com ad.lkqd.net
3 trc.taboola.com 1 redirects cdn.taboola.com
3 www.google-analytics.com www.nyasatimes.com
www.google-analytics.com
2 cdn.doubleverify.com ad.lkqd.net
www.nyasatimes.com
2 googleads4.g.doubleclick.net www.nyasatimes.com
2 8019191.fls.doubleclick.net 1 redirects www.nyasatimes.com
2 p4-fuszz6cmgm5pa-whplufyift7qeelh-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-fuszz6cmgm5pa-whplufyift7qeelh-if-v6exp3-v4.metric.gstatic.com
2 sync.search.spotxchange.com 1 redirects googleads.g.doubleclick.net
2 pixel.rubiconproject.com 2 redirects
2 eum-eu-west-1.instana.io eum.instana.io
2 pm.w55c.net 2 redirects
2 api.webgains.io analytics.webgains.io
2 sync.1rx.io 2 redirects
2 ad-server.eu 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
2 medialead.de 2 redirects
2 track.webgains.com www.nyasatimes.com
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
2 pb.media01.eu hal900022.redintelligence.net
hal900019.redintelligence.net
2 ups.analytics.yahoo.com 2 redirects
2 a.audrte.com 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 www.facebook.com 1 redirects connect.facebook.net
2 a.vidoomy.com www.nyasatimes.com
2 pixel-sync.sitescout.com 2 redirects
2 connect.facebook.net www.nyasatimes.com
connect.facebook.net
2 ads.stickyadstv.com ad.lkqd.net
2 22bet.com 1 redirects lp.cleverwebserver.com
2 sender.clevernt.com 1 redirects www.nyasatimes.com
2 ajax.googleapis.com www.nyasatimes.com
2 maxcdn.bootstrapcdn.com www.nyasatimes.com
1 p4-fuszz6cmgm5pa-whplufyift7qeelh-762194-i2-v6exp3.v4.metric.gstatic.com
1 tps20243.doubleverify.com cdn.doubleverify.com
1 tps.doubleverify.com cdn.doubleverify.com
1 server-204.lkqd.net
1 creative.lkqd.net
1 token.rubiconproject.com 1 redirects
1 d.agkn.com 1 redirects
1 ads.yahoo.com googleads.g.doubleclick.net
1 googlecm.hit.gemius.pl 1 redirects
1 rtb.openx.net 1 redirects
1 cms.quantserve.com 1 redirects
1 acdn.adnxs.com vpaid.springserve.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 green.erne.co 1 redirects
1 match.bnmla.com ads.pubmatic.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 rtb.gumgum.com ads.pubmatic.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.taboola.com ads.pubmatic.com
1 core.iprom.net 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 ad4m.at ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 eum.instana.io singles.parship.de
1 analytics.webgains.io track.webgains.com
1 static.cloudflareinsights.com singles.parship.de
1 trf.greatviews.de 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ws.rqtrk.eu 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 pixel.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 static.adsafeprotected.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 cse.google.com www.nyasatimes.com
1 cdnjs.cloudflare.com www.nyasatimes.com
1 links22.com 1 redirects
1 refpasrasw.world 1 redirects
1 ui.cleverwebserver.com www.nyasatimes.com
1 contextual.media.net www.nyasatimes.com
1 ads.vidoomy.com www.nyasatimes.com
1 scripts.cleverwebserver.com www.nyasatimes.com
1 nyasatimes.com 1 redirects
0 p4-fuszz6cmgm5pa-whplufyift7qeelh-762194-i1-v6exp3.ds.metric.gstatic.com Failed
0 match.adsby.bidtheatre.com Failed ads.pubmatic.com
0 bh.contextweb.com Failed ads.pubmatic.com
0 pixel.onaudience.com Failed ads.pubmatic.com
857 150

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
popup.taboola.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-15 -
2022-06-14		 a year crt.sh
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-22 -
2022-03-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.clevernt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-23 -
2022-02-23		 a year crt.sh
steadfastsystem.com
R3		 2021-10-13 -
2022-01-11		 3 months crt.sh
*.22bet.com
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
ad.lkqd.net
R3		 2021-09-28 -
2021-12-27		 3 months crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-16		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.springserve.com
Amazon		 2021-04-30 -
2022-05-29		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
teads.tv
R3		 2021-11-03 -
2022-02-01		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
redintelligence.net
R3		 2021-10-21 -
2022-01-19		 3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
singles.parship.de
Cloudflare Inc ECC CA-3		 2021-06-29 -
2022-06-28		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-24 -
2021-12-25		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-25 -
2021-12-15		 2 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
creative.lkqd.net
R3		 2021-09-27 -
2021-12-26		 3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2022-01-17		 a year crt.sh
*.v4.metric.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh

This page contains 151 frames:

Primary Page: https://www.nyasatimes.com/
Frame ID: FA3B5D3A89440F707639701988C679FB
Requests: 158 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
Frame ID: 405AD300D367034C6BA5E6E7B1EA6810
Requests: 12 HTTP requests in this frame

Frame: https://22bet.com/de/registration/?tag=d_346497m_7669c_GTAAFWBTPLDAAWW
Frame ID: 618B5A5E0033D4DA754237D48F1192AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html
Frame ID: FF09814C47FC74B6678281101B19E9F4
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 239DF91C447F12E3C619441F9B398A0F
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 21214D05308A1EFC48FBB3374F16D26E
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: 68072477013F021A3712066AE47C9B78
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: D190173C24620C0A2F69674B8581DE4A
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 29FB880493C30E0B97B426185603CEBA
Requests: 6 HTTP requests in this frame

Frame: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9E7A36558AF681A907470F91BF121738
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df41688f3e11088%2526domain%253Dwww.nyasatimes.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.nyasatimes.com%25252Ff21e489ef8f323%2526relation%253Dparent.parent%26container_width%3D284%26height%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FANCCLeeds%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D300
Frame ID: 04DE6821A84E2AD3E58355755E5C1688
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: B4568B35F341291E389FA9DA395083C3
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 4CD225BAC0AF5FFD320479B43184C3A1
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: C2AFC9543F3BD20E64E44BD351A9AF51
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 147FC223FA5694DC562FDFB342F501D1
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 05585A31045A070C66885F359E3166B9
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Frame ID: 19B7D48B1CE4490E874BB75A9475B889
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQk-3nWSbYkzthhvBMKpaeZ33mDKjHBMKtvtegnuXRYhjxwagshvx8PJ3rgagpkDI_Hvf_dQr13IH3FI_0EfVImmkpd2vfpb_9HmvRAY-q09DzX53yDu2u18-dJY2LmR14xGBcn4bqZtMqQbulIV8XYkjODJEbjlGYjbxaSNmk6NxDUtm2OgoqKaoC0BmLAIpanKmaw9IPTaM40dz1_qLmWUzj6FmtGhTsMcgBeNyIRzFDIHmBkJ02rCjfmZkcC23G6Nm9jHxtkyCMsAXat1MGy8sYmbNsL8pR9aUaqJYkpitCjdRyQ-WVcIHNFPJQM8Ne-UtPKLh9W3RCeg&sai=AMfl-YTdOiOwbetB-hF9xaqRe2pC11cA6HptQA0xBDhzs1Vee5M1szwMhIIVduo1nCuiIjFva3BfCShPDKtUUhAMCjEf4KeKMzSqYTKN6SlEZINMZufois0KBcOtnHQWE44&sig=Cg0ArKJSzGPjfkMoQo77EAE&uach_m=[UACH]&adurl=
Frame ID: 150E153F7DFDFC9E4CF4D71B87DCF3AA
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFGcIFftYa9m62mM_Thcks9TAU6rUYY7c9sbY0leTSwLlZqTPqB3PlnmmUe3ON8VTN-iEvByviytaksxBvc4ajMlW9v6GhsU4KA_tutdnGBske-8einNoVRQjnN1SBwd0MGGjGrLckv2HIZxmzhoQcfvp2iiq-4HRxOq7EBIZOhsj1T57MdJDnfJTmG97LhEfvrfuEJNepXqIYeT4nOEo-i4vHNm3pyCSPMdZcwJKC-8DdzoZzAwiouDyb9I1B0QFlrGh8wEMEOaaDbps0EI0g6rbrg-TwnGkCqDxi-VhpBWLe-KiyP2TYf7WXeuPNo7hKQcP1mSre-oE3ve4&sai=AMfl-YTSNI2lAWKetgTm8J96rYYQtGOaxsVRFy4XFnR8eaTWuXUY1kCpEnPCNUZZO52fRZhuX9DTkIH8hYBCIarwiEfG-OQdbM0KJCTgNMatc2i2LLmlDF-VIZ5Az60OUHs&sig=Cg0ArKJSzDSwDqL0sDeMEAE&uach_m=[UACH]&adurl=
Frame ID: 20BDD4542AA5BFAAE64A2FBF4F9D0B89
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuV2xw636iG46y0EzWSxJ7beV5RDh2S7EmWZGuhfixn-eB50X50z9oYOEphNo60RCR6Jtep73FYfsPCsv1P6cVTiLOrJV6PuFiOPRK7PCBpf5zkx8C2fssUvs3jIBMjKDPzuLKBAeCcw4iJdqnP6FsSAv11mkPH2ZpBspa8TdjLfR-IfHu_A0539394n9FMDlGav46YVJxBlJ80Po-1CiAyQkEH9JTjo2fSjmSTNfxMXFDey2ot7AKl0-svfV_X4NCoQ7hri0TpOQ5UjgxZX6XWtD2W8Yn1Efy_XV3G99cacII0HXJLsvjcKb1xmO5t_4uufTsC6Rcf7Mj8eUA&sai=AMfl-YSjRXemHjd6M1vm7KlQqU-XWneEks7gKbIvKD46XWWaYa_L4nnN7COP4aJ5sKzpItmkyA-_kkTBer6iUa0TOcXaKck078NbAGV6pFtykzrpyMb5jouTuFrhrnu31YI&sig=Cg0ArKJSzP7WxA_mQsxsEAE&uach_m=[UACH]&adurl=
Frame ID: 593886E72123C362303A8A5A2ECA2FC0
Requests: 8 HTTP requests in this frame

Frame: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C2B10ACF532AAEDE0241A24C0575DB3C
Requests: 13 HTTP requests in this frame

Frame: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6C8C38653F561F0ECAA1225BD3180F10
Requests: 13 HTTP requests in this frame

Frame: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3C299D166E9D35F72FBB7B82A6AD0AB6
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 3614441545A4BC99746A988796C3E6F5
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstMiVupRG40vn9g8kZAkK94FFkPs1Kfe0D7vqJA2_f_EbtVMlgc8CGSSJa6xWU-n1si5e_ZA6SndTRNy09eSWm8wkKlg4HW0fyYNRWk2bBHB4totqWFLUZOTzRME2JO8mS1ILhhbSFl21qv4I1tzee8FnUgPMMUo2cC3FisicvLPmZw0L60rDxPvCDAT4q6nA34rdIb5Wue47u0_aVLY03vxUkBVZgNulhhC6FIvUHgS5JqHcWoaFGZni67_0HBNtWHbx2ZtlyIJkN57JzVR_mKGeGuRGG_T9J7R9qXD20YrOIG8TPa4W3N6r1TKDZXZTAIMsaZToF5BBO&sai=AMfl-YT9mjMhm0nMRI7WoIrSHs-tuqUnTc4ImXsQtxkuovgaaDSXq8v8cv5Gv4JZSfFPBjpqljcaNY9RBvhn-LlGmj7KRBgKpU_BhkA7IHNzwKKMBpSD84axDfIemqMyzcA&sig=Cg0ArKJSzNz126IrOw5YEAE&uach_m=[UACH]&adurl=
Frame ID: DEC422A7BFC0736C0434C5552F835D4D
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_u7As4OdmoNVyzXElZJoMXtDeJ7QpbzLpOlM55VDIf-oWCVbj_j_gfDBqItoKKBNFsAL4t1nThH7LYojfLD6gZuT2eZoK7ocCKja8XcRCLvTXfuJGEbLAwmgqwt_rbmixJQg38RgLN-1KEt_ZQ0u8jqsm15QwcYTYScOo_6tcckYFtd6kK9J-Ap89RIglxCPmYWj3TwsK5_G-pYquhuTvfzo-JNh9LtawVsBACsqarpsuE1BHWE9iNTg_CAcmZVv1X67-JTzIoUGtDI3RBZuYucpth2kgt4wgiXUOJc-_CTXYY17zsHtU-ydsTMcLdPIfHhDHwmhq8AvS&sai=AMfl-YSX1cvLUgTpSEhps0kwL6z7sb03AHBTm3D_03I1WuLkDC-w8n3LDAFZckJ83KRh6HnT0RswUNaZn_UZ30Ipw7B6_pNSE9JQKB0AGjriwGnxJjq3sK7vrGn9x5F7NFc&sig=Cg0ArKJSzLodwUHT2JqpEAE&uach_m=[UACH]&adurl=
Frame ID: AADEF2FFD972E297851BEBFEAD9D2848
Requests: 8 HTTP requests in this frame

Frame: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 40B12744ED3F25EB86A295315AF4BB46
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNvSUutw53x1fst7YKY_G3vHsR9OQUASVyPvtzjO4Tq5g6yv1qY3O9qfPHLN8lk69WtOW2CchhO_uZZSrSLWTWTR1h52UehdopZnWg70LVmRanymC_cY_NcFpwi31Pjo1YAalUnuuWuxysiP_EN48Nf--wLc6tKFqz0T3GRo78HBW0M3PVul1kjS_WWPOMtGKwRYGCN6Q5-VMZjFlesyl5nCfaGk_jGSEqq7DBKOvjnADD0I2_bz9gF4l7f4yLnGLrdddAPPxQd8uFKyYaWli_bnVOOn7eTGNDgMi8dBj9jLVHxr5yqyo60BYfMcxccJHsUy9jnGRr&sai=AMfl-YSb1fKIs56IGnKriVW2kneQmoJAa82WfaEHtuDxU1no3wNrAo-D7nWB1NoqVdEOeC9XR70CWY_trhmo6vSQ3u7t_SNqy-TkqMInUpKgoGtol0ZWgditiGoBZ3TTn8Q&sig=Cg0ArKJSzDDvyCFZbCVLEAE&uach_m=[UACH]&adurl=
Frame ID: 3388D1F7FD98C1F6D433A55003C080A5
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4Wz8VbcYcLWwA88aQxTqe9y9UA4TKglq5EOhTmiurC46cPzSrIMBfpJDDaD-9yFsiKKmfUEAg82ZsQQAU2Yu5Ga3mI0cIkcVmkTeGpK7e5aiOr2xsjB_Xa2-A48AaR3moTNw9pQOPSQlsiSLijvGcGOeHTTDljmWj8V5A72Up53J9kGpwKCxlHooEYxH9vyUAlP3JRT1so5nC76VC2J8TniZffZ7ejwlA-r9gx1uSxb91ziPJ4fXYllgqUsQkAeJ2pEeVI-tKOSaB-C4S7H_CmGd7eWecp4_t94wJSta0da4EoAkWypHuqXdaalivUSQZwmxjaf1bQA&sai=AMfl-YTMyJ2PTyrW07qWDk5RRC9P4ikyd_Il1g6BfzEn5ypln8ZYg41rRR9SYnKyTOvXvljMB6wureDQZBTMyNBdCRe8W12Cs3qV2RZXu6svCgkZat-J_pfr1ViIZBaLa6k&sig=Cg0ArKJSzLdICM3Qz2_rEAE&uach_m=[UACH]&adurl=
Frame ID: 09ACB159B39FBBF6599EE28E48667651
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgq0WNRo-ZarYmWY1RBg0HQbXsWkHGXSVQ2EunCfsvP51at6pBo9Muluxb_zm7jin0MondU2x8P7FVcrbAJCPGKLwL4jxu1P-RYu3Xatw9j5lL5-CTgks4pqeoJSRU06ezDc1V1qYEv0c2xafMZyrBHnmaQ7sUUUqYAjWJOdzaZsN5J588Av07_d4lDYR5fcUYrM-1CLMtJdzvbACy41yYY4SMvEWq-Top3sFAmKoOknjRFw7QJBm4uM9U4l8Xx1GPD8nMMx2SjHq9i1ML7N6qsvoJCtl8WKZsR3Ri9WHxQ31tNp9tKgTZ6ec31slE_bQ3Rj248iYfAHY&sai=AMfl-YRKq8olFtZxT96MnlIv4sGqZCqcUrF7xLiVtDduYCeQHy12ebPqPlHOKjZ1FYB2bwLEy7-1_lzl4CSkWLnEiOrRm3wu2-e5oYWnQrMUH4U6G0rBzs0LYBoDByqMKPs&sig=Cg0ArKJSzNwMMGe5a2O_EAE&uach_m=[UACH]&adurl=
Frame ID: 9D4BD304024F30FE2109847386901CD7
Requests: 8 HTTP requests in this frame

Frame: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 560DA59B20153AF830CD1080D7EEAA7E
Requests: 17 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433736609,,
Frame ID: 3D85D7C232C23CF81FBD5382486488F2
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 332459B19774926E927E87A3A7D4CE03
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1
Frame ID: CA185E7C970578F96706DDC5F1C870E6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5649455818980043838
Frame ID: 2E17D21EA2843344EAB0845FEA3F2DBF
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F019E811599CC117EBAA1F554B953513
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChDJgxMYqsOXuQEwAQ&v=APEucNXBPmOBgh5AkuHpuatjJRp12ycMfH-E52u5RwofqN0AiHYW2ApmBVQdQQ2qMxJpKawVjhw04NsjXnOrw4tTzYpL5Rv5ji9xKxh28cZVvOh2TOuUwPf8GJJTVzi8tqQc9Dj73WNRy-TuMKxyPfB5q13nOQfwxfkyl3UU3laKv4lpHmcEOT4
Frame ID: 602A4AC81289940FA2F194CA4AA8FE82
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUOSbLtzXC-pKJut9jFAh_Zux5dFZElZ39hawGzxiD45PSLaKReJUEZpEgElxrubCDvw7YI1NPdzPyKBIf9h2sOoNqLjcSGNbRNQ14FhS8hB1RjHT2tOOJAf_KsAbfmgkWStWS5q7QsRqL4_GH22hN6b0YjerbyaXRVCwOrVVBbvWjuj-M
Frame ID: 1D5103A4A55D4F6F470F2F52E353C260
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 8030E04222B84C899FC8C5384B6153CD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DBD86DAC14C071EA811ED339D69F090B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6AD64D5C28C3A664361890EF3B6AD0BD
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Frame ID: 34D28584441400087A85C2C4752075AB
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433736608,,
Frame ID: CD8A3B26DCA1AC9C3F2E114B9954981D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 010B23E625B90F60C2C1025F6BFEE47C
Requests: 13 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7028429386789025937
Frame ID: 3FCA65009551166389616E1F5C36A9A7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYn-SgADLMrjmAAz&gdpr=0&gdpr_consent=&_test=YYn-SgADLMrjmAAz
Frame ID: 9A4A4544D8ADADB4E585064325DD3442
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAHwWE7DE_8AABP6esANPw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Frame ID: B8B66971CD932A758653BC07C7F2C4E0
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=19350300013651700710584011773022&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 566B285B2C04494517B96C51B58DB9AC
Requests: 1 HTTP requests in this frame

Frame: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
Frame ID: 42B1ABC65B27DFFC54A208265726EA5B
Requests: 9 HTTP requests in this frame

Frame: https://hal900022.redintelligence.net/request_content.php?s=19350300013651700710584011773022&a=007198d4
Frame ID: 0B7630D267135C9E0E5D3682B9AEF4A0
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C54283961372527544011935234587%2C%2C
Frame ID: EA0AB9B3C22534D084D8EA4D4C723FE0
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CA13B34D6D9B6E78FC6A817A72B9533E
Requests: 4 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 5EB719D976B5FDCC27D9AC640958575E
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 56410B8CD7424BAB18260BB71252FDDB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 514EDE2089249B0AF758FC017D57E998
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7acde18c-f6c6-4d6a-bf33-3329d6889aec-003
Frame ID: F77DC04FAB958B2431158175EB1239FC
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 98A4A9622909EE17730F6F91981A7961
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: CF0B044A6F4F5667775B1A4BCD172786
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:10141410113735
Frame ID: D1908132EA358D6F4689E686FE2D5002
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=84e54cc0-0f5b-40ac-a93b-e207a6b04de3-tuct88384cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: AB6D23465DDB43D2D1558CC4AEFEF275
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&adk=1812271804&adf=3025194257&lmt=1636433740&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433735654&bpp=4&bdt=3262&idt=4413&shv=r20211103&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D794056464356ba8c-22ee49fb40cb0076%3AT%3D1636433736%3AS%3DALNI_MZxGv2IOQA2RS0JcD_TPrlKHt_CvA&nras=1&correlator=3787691824628&frm=20&pv=2&ga_vid=1514767491.1636433735&ga_sid=1636433736&ga_hid=803458727&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063355%2C31063682&oid=2&pvsid=2168745486402461&pem=902&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=4433
Frame ID: 3D10E1B2996BC9038A34F772653395AB
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C6240666375428396137252754401%2C%2C
Frame ID: B3743E143FC173ACFC3D7F5C70E419AC
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 25C5016D63FC65C2308A6A2D8C8FD52C
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C5428396137252754401925154198%2C%2C
Frame ID: C021556D7E555AB729F7C858CA90C8B2
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F4A0F9855024C87E3A7C3243FDC546ED
Requests: 3 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 751C7C0FDAADD2D32AF48256ACA588E8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:4C5nLrAO1MKjaA5&gdpr=0&gdpr_consent=
Frame ID: F8507D499CE24E14480C5676669C323C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=XzC0w1dATbi0qnhrI2GqXyVn
Frame ID: C6A9D0F53F3F53F55FE4069A6B428897
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5B494D62A10C4AC6B237AE512971C575
Frame ID: 8CFB97473CCD984D01ADBC5F8815229A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BUmmYzgbTfZDbmXiysfiCrnVm6U
Frame ID: E4AE872C1872F08700B3EBD099B5E7DE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3C58F2A2EC95CC07D5AB0ED51152C12B
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 4FE8DFC3A92CDBE8D757A343C5B926C2
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 23A199085074EA91C590A61ACA938372
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 3D446DD7BEB71546C6384B617502BDB7
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Frame ID: DF007E023072E57312F6A12373D10F75
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433742316,,
Frame ID: C0C24A126C71C9A560A0C894B61B8523
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 37DA252DA26DF23E7B5B9D19356B8852
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Frame ID: 96774A1A79FFD3E458B2CFE910FD22EE
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433742316,,
Frame ID: A0F5606580C8E09BE48295C91B874C2E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3AF3C7C2DE26B478AC01582C69787DC6
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C1083521826631421030118426251%2C%2C
Frame ID: 4CFF60A57D7D51FF6E4F51C6150D3B4F
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C564C490F50A22D7680114D173BCEB9A
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2713954881083521826631421030%2C%2C
Frame ID: 6CBCC7DD8397C36A134B8837036D4C2D
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 68CAF540F783DBC50A74FE66CB20903B
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C1083521826631421030929664512%2C%2C
Frame ID: 0C6E3A16BD32995DDBA0FB26FC1557F7
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C92D875F359A54A8FA23CB27E5820664
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Frame ID: 040247E04CC39B48B1762EAFC677D7C2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4A4D7E6CE1E0B48DF4B436DF89480E58
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: FCB60475E87B2E130CED34A400640CC7
Requests: 8 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 5E79EA6F855FB8E96A383AD103ED9B58
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: ECACC3B6DDE0C5604279440C02F9C2C7
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 7D9CC17FB4DE50BAD88488B266FDF1D2
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1287117D635EFEC36248BE1A68773BC5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F662BC42DA29D07BADFF81ECD5950E12
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Frame ID: 902011990020268BD59FD7BBC73EB5E6
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9986B6B85FCB3AF6DA9E02A4D4BCDC0C
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433746982,,
Frame ID: 5A532DB29DE56E9FB7EA5005F57ABCCD
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: C7710D75A185A98ADD55109363FFA75B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5402C8A499AB30D8CC36C051B2F608E2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 0F92F0F663279D4B1F08BFDD0814912B
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Frame ID: DC310591EBC157DB9E9A06E8D730213C
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433746982,,
Frame ID: D3C40D75037DC0C6370880481CD543A5
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CB0F1C2378FE8175585DC70D2D384D57
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C864018690098919857110650245%2C%2C
Frame ID: 080DF1F6AF91A08E8FEC8F8DD514BEFE
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F871E6972116DE81FFCA0E4A71F303FC
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2051206655864018690098919857%2C%2C
Frame ID: 37D2E50093A9FC9BD6A5524668FBBD6C
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
Frame ID: 4A2D585F500EECFB1CF65520AAB0FD22
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6F754601C0FFBD66C9E38B94D6CBA413
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Frame ID: ECCE46801AF11546F94B5E7BBCAEDE44
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Frame ID: 8A2DE7E5C90B6C81F3AD744A1E7FEAAD
Requests: 10 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C864018690098919857152153064%2C%2C
Frame ID: C078AD59C22E4E1599EFD5DB8677F5D4
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2E88F7650E4FEFF9933061B4B6AE9938
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: B6EF1AFD505064623D763253EF11582F
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 3A9285E8FE220964ADF40020D4078599
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 88735756559FBFEC5D3570C775D292A7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUMjdQC5fEbr0_NwAZZK3sPdZ7zhFx8FGrbImwzv9MZujNks2wZ8YUYcUDhBgQ8qPYdlvBomz8TLoPSxa70YrNQgyd6PPoz5zQo-tc7My9Xrh42b2ukbVErbgwrnmgc32-uHPT2Py8keRt57cuL9WAr_0SmIHaKNWnh98kGmjGwJs47IOE
Frame ID: 91FEDF3E1E841F14E406FD98E7E9050C
Requests: 4 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: F584B375D5741A8BF1BCF3DBFF3DF316
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Frame ID: 116527AE9A55968B7E34B8213EF8F3A7
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433751469,,
Frame ID: 9FB52DD4C1E8BB0721E16B0F21E8D216
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 331ADD6655F4C37C2D406A52725ED7FC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 458AA904792CFF1D5E42B27196446C4F
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Frame ID: 3AD1D3419ABBEC7F95DB9006DA6BD64F
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433751473,,
Frame ID: F278A1B72E34414C53CE8EF72158F3C0
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2B5F2777125BE405E45E689BDEF1F033
Requests: 1 HTTP requests in this frame

Frame: https://p4-fuszz6cmgm5pa-whplufyift7qeelh-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: FE68CFD0E74476AD1FCC9B136E6A4F3B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8E070AAC9A223BA21270C1963ACC0B95
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 3DC57590177F74EEA7B7ADB5CE6A94D2
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C49000376608330150591745889038%2C%2C
Frame ID: 7352E45F170534F20A92031A41908E79
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 22F731A87780AEF2E71036A78E417840
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9D9D1EDE910BCFB2C73C2B2C07512817
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A69417D50FC3D9DB67F9C70D41C305A2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6B5A1ABCB02C1974365F4C5B0F64B1C
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=33506400014560200710612011773019&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 8B4498511BA0B0F9143D6897A300C980
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNr77-S-ivQCFRME4AodtSwFMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7111219509845.03
Frame ID: D728FAC9E48631DC2D091F55176F851B
Requests: 2 HTTP requests in this frame

Frame: https://hal900019.redintelligence.net/request_content.php?s=33506400014560200710612011773019&a=383cb0cc
Frame ID: 64AD625CB9A5D0741AEC1C27EEB16CB7
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3AF7619F1A5548EC98C83A6709836382
Requests: 9 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C7522160614900037660833015059%2C%2C
Frame ID: DDE10E78415B2120E92F8BE69CD11E8E
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E88D3BF3D557269E7BFD4D3D76B62E49
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C49000376608330150591668537246%2C%2C
Frame ID: 5DF3E42ED6A89B24202FDFBE43672D19
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AE04E4943070F1FA06B93702A7894387
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 1A95213FD07EBAA2CE59919C067220AE
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A1E0205B3C115A7D9412D9A7C9EB4EF6
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
Frame ID: 0A643EFB79C0C8DFDA7873453A8E0559
Requests: 8 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 2330C11E7F0CF57A5EB454CC727ABAC0
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/ad.js
Frame ID: 85CA65742E2DED4970278ECD3D49A743
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dvtp_src.js?ctx=21728770&cmp=DV485761&sid=Verve&plc=Verve-IQM_20210404001_VidJS&adsrv=0&advid=3891363&dvtagver=6.1.src&ppid=302&DVP_PP_IMP_ID=2689063147895070768&DVP_DV_TT=1&DVP_DV_CT=2&tagtype=video&DVP_C1=&DVP_C2=&DVP_PUB=430&DVP_SITE=1151941&DVP_CRT=1062085&DVP_PP_BUNDLE_ID=&DVP_PP_AUCTION_IP=&DVPX_PP_AUCTION_UA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F95.0.4638.54%20Safari%2F537.36&turl=https%3A%2F%2Fwww.nyasatimes.com%2F
Frame ID: F5111EC28E6A91B8A85A92A6F05D3D85
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: B6EBA65242D2F69CEFF4551DF383A154
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 136C6B2005D04F9AA464AA7D256E4DAB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3D5510FA8EF279B55E7CA6DC48C5BA93
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: CE9EEB09D0D877190668141DC1912D7D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 61C6C44AC4DE7F9FD39FCE6A7A3C6E70
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Malawi Nyasa Times - News from Malawi about Malawi

Page URL History Show full URLs

  1. http://nyasatimes.com/ HTTP 301
    http://www.nyasatimes.com/ HTTP 301
    https://www.nyasatimes.com/ Page URL

Page Statistics

857
Requests

90 %
HTTPS

26 %
IPv6

96
Domains

150
Subdomains

100
IPs

13
Countries

9388 kB
Transfer

25869 kB
Size

131
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nyasatimes.com/ HTTP 301
    http://www.nyasatimes.com/ HTTP 301
    https://www.nyasatimes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://sender.clevernt.com/transporter/34090.php?ppuc=1&ppu=0&id=366535&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&ruri=&r=758568840&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&landing=1&hei=360&mode=topscroll HTTP 302
  • https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
Request Chain 51
  • https://refpasrasw.world/L?tag=d_346497m_7669c_GTAAFWBTPLDAAWW&site=346497&ad=7669&r=registration/ HTTP 303
  • https://links22.com/registration/?tag=d_346497m_7669c_GTAAFWBTPLDAAWW HTTP 303
  • https://22bet.com/registration/?tag=d_346497m_7669c_GTAAFWBTPLDAAWW HTTP 307
  • https://22bet.com/de/registration/?tag=d_346497m_7669c_GTAAFWBTPLDAAWW
Request Chain 68
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Request Chain 69
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=723762174.64314511657569340.6030751 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=723762174.64314511657569340.6030751 HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=db823f7b-313a-4551-a5a4-d28b8d688688&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_f31f1a10-01cc-42ca-acc1-2e503e6d082f&bsw_param=db823f7b-313a-4551-a5a4-d28b8d688688&expires=10 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=db823f7b-313a-4551-a5a4-d28b8d688688
Request Chain 102
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3126939706246334990
Request Chain 103
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df41688f3e11088%26domain%3Dwww.nyasatimes.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nyasatimes.com%252Ff21e489ef8f323%26relation%3Dparent.parent&container_width=284&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FANCCLeeds&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=300 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df41688f3e11088%2526domain%253Dwww.nyasatimes.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.nyasatimes.com%25252Ff21e489ef8f323%2526relation%253Dparent.parent%26container_width%3D284%26height%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FANCCLeeds%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D300
Request Chain 108
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
Request Chain 129
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
Request Chain 224
  • https://c1.adform.net/serving/cookie/match?party=14&cid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1
Request Chain 225
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5649455818980043838
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qv20G-isSp-kIiJBC84r0Q%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 228
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8e806189-ff49-4f00-818e-d1eaebf3619c
Request Chain 229
  • https://pixel.onaudience.com/?partner=214&mapped=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3ecc42ef4dd5082f9e07e941e157487f
Request Chain 230
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUFGREI0MUItRThBQy00QTlGLUE0MjItMjI0MTBCQ0UyQkQx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELU8enLxENvw5QujXWiAYE4&google_cver=1
Request Chain 233
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f2636189-ff49-4300-a8a8-3c29f45d21f7&gdpr=0&gdpr_consent=
Request Chain 234
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d698b73d-77bd-436e-abfb-366d9d32e243
Request Chain 235
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=64795979698098495
Request Chain 236
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6956644907051674345&gdpr=0&gdpr_consent=
Request Chain 237
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=lC0ZNcR6FTWPKEM7lHkMOsN-FDSPKEU9kHnftxCo
Request Chain 274
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRQ_HcAipZ3skpVH4jRWEo&google_cver=1
Request Chain 292
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYn-SUCgsvsSfCCgq.TDfQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRQ_HcAipZ3skpVH4jRWEo&google_cver=1&google_hm=2
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEK3-qFZ2fv4b8bLwr4N3B7o&google_cver=1
Request Chain 294
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk1NjY0NDkwNzA1MTY3NDM0NQ%3D%3D
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJlwi3G6gXXEvKSIbluWBsg&google_cver=1
Request Chain 296
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGNmMThhNmItYjU0Yi0yMmUzLWYzYzUtNzQxYjEyNmI1YmVh
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEGX7LHC2Nk2oJPtKuQ4UIkQ&google_cver=1
Request Chain 323
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7028429386789025937
Request Chain 324
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YYn-SgADLMrjmAAz HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYn-SgADLMrjmAAz&gdpr=0&gdpr_consent=&_test=YYn-SgADLMrjmAAz
Request Chain 325
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFId1dFN0RFXzhBQUJQNmVzQU5Qdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAHwWE7DE_8AABP6esANPw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Request Chain 326
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&addseg=19,36,42
Request Chain 327
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 329
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1 HTTP 302
  • https://a.audrte.com/p
Request Chain 330
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VrXR7NdE2uXcMagZ36z3yYCqSFsb7mQ-~A&gdpr=0&gdpr_consent=
Request Chain 332
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=db823f7b-313a-4551-a5a4-d28b8d688688&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 334
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2910766924132551182&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 335
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 339
  • https://hal900022.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=467bbd7e13&subid=&uid=158b04a774540a91&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChbq2SP-JYeCVBOSS7_UP3ZmQwAqP4PiGU_Woi6TKDPAuEAEgvv-xCmCV4pCCoAfIAQmpAuQaiiddcbM-qAMBqgSVAk_Q2VRLL4b23HUIMqaCovOlKJRwBpcmLHIhvbe2pVzZyc59e69eBUtj8j7UFgsdZ4iX4OyHABIBcsL4-nVrWk0E0OatSeFkIgT_ADvia-ek6BuRdmvnr7YwGhTgVLzWCvZv-MKn7hN5ay7ZrXCiaUkuDQOE7pYHqpOr3oa4Hn_u_7NF6INzsbm1pU2biK2bizBbD__qS1GQlnbp69BSE6wQyASQXpiXVNmkA-trFNlKqhI2-icEW36_Erl8axSXCcTN9CPNL9Fv7c-z64Xq13NjYWo9tlUU6LyXs91SU9kx4lwYODTvnbz0Nq_KuPN7i9Cn8yOvPSIzrGzqWNsia0UkIqYK5X_2wxUKHby6Rf75DloAsX3ABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoFOmyYbADMZzuC95bVCZ17soWUw%26sig%3DAOD64_3WSO6kAtWku3Q9HPWUjcfLnX9ktg%26client%3Dca-pub-6272874513322487%26dbm_c%3DAKAmf-Cc3DNCyIF-ZFuNDbHzW8AqM34S7JKrRER-_8g0UWNKyf8W-wU7z0647-KX3IOOSEcdNKUNEtQu0kVKwbMO9SJ6P4zr88iS0d23iKcqzg4GT8TaZFJ9g6_XuQ0RZnS5eddx4PtJYyYJUA95cOGXLMW4Fdq2bw%26cry%3D1%26dbm_d%3DAKAmf-BddLsz3GMqVdSPagvyGql4KrztP7hJ7Oc67f4b9q8vK9NnehZY0__jPhTXsySASRHRIQ4xOLGabdb49kykLq_ms1VoPriPH05CqndI-JIJ-vw1q4UmS6qeIki2fkBDRP1m870Yhf7SboM3oVCcGGcYmaxKSbUfgjyra85ZGy6QkOZ5FGMxJhhss-Lx_-A60kRf6QEb9PRi7_0jrYySQNM2WNxVfrRQkTN-WIDL2WrbWhiV8jKhIMQe2Pwb5yZ9iCpqbjNT6rkbEWJuiYBYK2wU1FC_npn3yD_UNrDVmXxK_LP9Q7V7srankgNwnVSLIwzlKv9mjT6soH9wR_mJfG8cnvueuTaOenIg5YLtH5uJ_lDiriEggb3hY7ufcwWGblwYeXFqVXQBcbuEZTThSOqwXn7D5X4cY-behCdMzSjuAQGdvNSKMlVbBEgZrGrCEe8-VCa5%26adurl%3D&documentReferer=https%3A%2F%2Fwww.nyasatimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.nyasatimes.com&random=5648909947885&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900022.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=467bbd7e13&subid=&uid=158b04a774540a91&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChbq2SP-JYeCVBOSS7_UP3ZmQwAqP4PiGU_Woi6TKDPAuEAEgvv-xCmCV4pCCoAfIAQmpAuQaiiddcbM-qAMBqgSVAk_Q2VRLL4b23HUIMqaCovOlKJRwBpcmLHIhvbe2pVzZyc59e69eBUtj8j7UFgsdZ4iX4OyHABIBcsL4-nVrWk0E0OatSeFkIgT_ADvia-ek6BuRdmvnr7YwGhTgVLzWCvZv-MKn7hN5ay7ZrXCiaUkuDQOE7pYHqpOr3oa4Hn_u_7NF6INzsbm1pU2biK2bizBbD__qS1GQlnbp69BSE6wQyASQXpiXVNmkA-trFNlKqhI2-icEW36_Erl8axSXCcTN9CPNL9Fv7c-z64Xq13NjYWo9tlUU6LyXs91SU9kx4lwYODTvnbz0Nq_KuPN7i9Cn8yOvPSIzrGzqWNsia0UkIqYK5X_2wxUKHby6Rf75DloAsX3ABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoFOmyYbADMZzuC95bVCZ17soWUw%26sig%3DAOD64_3WSO6kAtWku3Q9HPWUjcfLnX9ktg%26client%3Dca-pub-6272874513322487%26dbm_c%3DAKAmf-Cc3DNCyIF-ZFuNDbHzW8AqM34S7JKrRER-_8g0UWNKyf8W-wU7z0647-KX3IOOSEcdNKUNEtQu0kVKwbMO9SJ6P4zr88iS0d23iKcqzg4GT8TaZFJ9g6_XuQ0RZnS5eddx4PtJYyYJUA95cOGXLMW4Fdq2bw%26cry%3D1%26dbm_d%3DAKAmf-BddLsz3GMqVdSPagvyGql4KrztP7hJ7Oc67f4b9q8vK9NnehZY0__jPhTXsySASRHRIQ4xOLGabdb49kykLq_ms1VoPriPH05CqndI-JIJ-vw1q4UmS6qeIki2fkBDRP1m870Yhf7SboM3oVCcGGcYmaxKSbUfgjyra85ZGy6QkOZ5FGMxJhhss-Lx_-A60kRf6QEb9PRi7_0jrYySQNM2WNxVfrRQkTN-WIDL2WrbWhiV8jKhIMQe2Pwb5yZ9iCpqbjNT6rkbEWJuiYBYK2wU1FC_npn3yD_UNrDVmXxK_LP9Q7V7srankgNwnVSLIwzlKv9mjT6soH9wR_mJfG8cnvueuTaOenIg5YLtH5uJ_lDiriEggb3hY7ufcwWGblwYeXFqVXQBcbuEZTThSOqwXn7D5X4cY-behCdMzSjuAQGdvNSKMlVbBEgZrGrCEe8-VCa5%26adurl%3D&documentReferer=https%3A%2F%2Fwww.nyasatimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.nyasatimes.com&random=5648909947885&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 341
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=19350300013651700710584011773022&t=htlp HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=19350300013651700710584011773022&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 342
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=19350300013651700710584011773022&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
Request Chain 345
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=19350300013651700710584011773022 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=19350300013651700710584011773022 HTTP 301
  • https://ad-server.eu/wm/pb/native.png
Request Chain 366
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 369
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2678031625 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/d698b73d-77bd-436e-abfb-366d9d32e243 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7acde18c-f6c6-4d6a-bf33-3329d6889aec-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-7acde18c-f6c6-4d6a-bf33-3329d6889aec-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7acde18c-f6c6-4d6a-bf33-3329d6889aec-003
Request Chain 370
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 372
  • https://core.iprom.net/cookiesync HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:10141410113735
Request Chain 373
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=84e54cc0-0f5b-40ac-a93b-e207a6b04de3-tuct88384cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 374
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6956644907051674345
Request Chain 404
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:4C5nLrAO1MKjaA5&gdpr=0&gdpr_consent=
Request Chain 405
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=XzC0w1dATbi0qnhrI2GqXyVn
Request Chain 406
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5B494D62A10C4AC6B237AE512971C575
Request Chain 407
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BUmmYzgbTfZDbmXiysfiCrnVm6U
Request Chain 408
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=49ea1cb4-4119-11ec-9dfb-3f0efd89842f&gdpr=0&gdpr_consent=
Request Chain 433
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
Request Chain 542
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
Request Chain 569
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECYjZ2Tc0xNQULsuOzswr2M&google_cver=1&google_push=AYg5qPI1jhOTjk-lnLKuo0MUIcfYsdAGLIQUGvRd4Vbmw6I0DTSe_ZZZyDwNV1x3ar_7daBgqNkRvKLGmKoNtrIQI_4EKKJKnYU HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI1jhOTjk-lnLKuo0MUIcfYsdAGLIQUGvRd4Vbmw6I0DTSe_ZZZyDwNV1x3ar_7daBgqNkRvKLGmKoNtrIQI_4EKKJKnYU&google_hm=O9dQQul4odzISx6YaPrhRQ
Request Chain 570
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKuUEMqV6feLGK02yzRHVVy5lNG_dxDfOSZZ-JqME4mwaM5pvE5rlZyfUH3oOshn9Ej-VDeofDlChKjIcJxUNNG9IzhPnU&google_gid=CAESEAC8382M2fNFENlKYHnQQc4&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNP-p4wGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBLdVVFTXFWNmZlTEdLMDJ5elJIVlZ5NWxOR19keERmT1NaWi1KcU1FNG13YU01cHZFNXJsWnlmVUgzb09zaG45RWotVkRlb2ZEbENoS2pJY0p4VU5ORzlJemhQblU HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZV9xTG1zTkdqTnVBSXpFam95QnNQdDV1ajR2X012MlZqMGlpLTF0YlVqZw==&google_push
Request Chain 572
  • https://rtb.openx.net/sync/dds?google_gid=CAESEN2v0BCUBvuZRM46eS73ot0&google_cver=1&google_push=AYg5qPLQ1kVSQndQgemV-Qh82m0uhE9p_vD4PHWAkE7S45YTKQ6lYQCz3DAAGy0-Zx8i0OFtze76UdB_LGcD5X27iSbYYkF0VZs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLQ1kVSQndQgemV-Qh82m0uhE9p_vD4PHWAkE7S45YTKQ6lYQCz3DAAGy0-Zx8i0OFtze76UdB_LGcD5X27iSbYYkF0VZs&google_hm=_8jTndW6xWkAUWIVC5CvMA==
Request Chain 573
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENC7BGISqiLWA0LWvAUqlIc&google_cver=1&google_push=AYg5qPIrOpgovsplifG1UXANcOSqB3FDNj6KfFnEm6YmL1PhfnX1h7NgvySaQxbu9ncdnCOt2iuo4GxMr1Tv5llk82B9oMNCtCE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qv20G-isSp-kIiJBC84r0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIrOpgovsplifG1UXANcOSqB3FDNj6KfFnEm6YmL1PhfnX1h7NgvySaQxbu9ncdnCOt2iuo4GxMr1Tv5llk82B9oMNCtCE
Request Chain 574
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJzLms53leo2ZB2HTLKSe78&google_cver=1&google_push=AYg5qPI47qf75cyiVZkdD183snaWgw382j81Lo1VmFoMMRGopxvo3qTV8AbctMdRiD6t_6fZNvXwynNRSzVqLYn5-vHmI9Q0AG4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSTUVHSlEtSi0yRUVU&google_push=AYg5qPI47qf75cyiVZkdD183snaWgw382j81Lo1VmFoMMRGopxvo3qTV8AbctMdRiD6t_6fZNvXwynNRSzVqLYn5-vHmI9Q0AG4
Request Chain 575
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4
Request Chain 583
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJzLms53leo2ZB2HTLKSe78&google_cver=1&google_push=AYg5qPKftRU1rwPbo8yXNTqXwwMLO67iuJYUhT6gBaTpfkKmihC3pR0UpXmMMGnHWZfCLvXONaM4ePlBB1Akw6a7sjIkB3-Ywbkr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSTUVHTEEtMVctNVg4WQ==&google_push=AYg5qPKftRU1rwPbo8yXNTqXwwMLO67iuJYUhT6gBaTpfkKmihC3pR0UpXmMMGnHWZfCLvXONaM4ePlBB1Akw6a7sjIkB3-Ywbkr
Request Chain 584
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_cver=1&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ
Request Chain 586
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO-8hw7Io0cmYeSAOT4svPc&google_cver=1&google_push=AYg5qPLrLsTeC03PBT3ebJWxISxqPpTsQ7M3Udfz84spDhugFkTAIyQaHv2d724UbA_pux_MwXekQ6G4AqzxGVYmRAZJ8OnF5MTpJg HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLrLsTeC03PBT3ebJWxISxqPpTsQ7M3Udfz84spDhugFkTAIyQaHv2d724UbA_pux_MwXekQ6G4AqzxGVYmRAZJ8OnF5MTpJg&google_hm=
Request Chain 656
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
Request Chain 696
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENTXF4PlFyxw1FG880LdqX8&google_cver=1
Request Chain 697
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDc0YzYyN2EtNDExOS0xMWVjLWI0OTYtMTNiODBkODYwMDA2
Request Chain 701
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLUERD8qMHjs9zDaU70QUmKvNBYNf4HGhKo16b4G2xp6b6fKLxuDiBqZiZmet-kWnW8jZ_iy9eVfCc23jIjdP6X2uBbuIU&google_gid=CAESEEahh3-PCgPecJeAWiXvFhM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVluLVNnQURMTXJqbUFBeg&google_push=AYg5qPLUERD8qMHjs9zDaU70QUmKvNBYNf4HGhKo16b4G2xp6b6fKLxuDiBqZiZmet-kWnW8jZ_iy9eVfCc23jIjdP6X2uBbuIU
Request Chain 702
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJXT7BpFp9dzAfLbm6ZoXUyi-j612SfZ7aRdO-XFhyoVV058YhFh8rN4tGOehQVVLDRFSFEcq3mql21OD_u3l-T3wumSA&google_gid=CAESEIaHlb5INziY6ouD_mNzQt8&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJXT7BpFp9dzAfLbm6ZoXUyi-j612SfZ7aRdO-XFhyoVV058YhFh8rN4tGOehQVVLDRFSFEcq3mql21OD_u3l-T3wumSA&google_gid=CAESEIaHlb5INziY6ouD_mNzQt8&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDkwNDU1NTIwMDAxODQ0MjYxNjkyMQ%3D%3D&google_push=AYg5qPJXT7BpFp9dzAfLbm6ZoXUyi-j612SfZ7aRdO-XFhyoVV058YhFh8rN4tGOehQVVLDRFSFEcq3mql21OD_u3l-T3wumSA
Request Chain 704
  • https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEN2v0BCUBvuZRM46eS73ot0&google_cver=1&google_push=AYg5qPJSQsOQ0FPtOt2HS0l4blSooECFPCHMPtNX2NUInGXXIKr41NsIUmoaz9EAkdaMl2XMK2bmIn3ueDSmq3BfdIgE-J-UMI4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJlwi3G6gXXEvKSIbluWBsg&google_cver=1
Request Chain 705
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENC7BGISqiLWA0LWvAUqlIc&google_cver=1&google_push=AYg5qPImXSwOywoIKxz7big3t2EAJ7magxx20Fimk59zVifVgHr_vD4GY3CkIgi99GGxVOlfTsccZJa5XtfQ-iVhNRrmQJDGUUc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qv20G-isSp-kIiJBC84r0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPImXSwOywoIKxz7big3t2EAJ7magxx20Fimk59zVifVgHr_vD4GY3CkIgi99GGxVOlfTsccZJa5XtfQ-iVhNRrmQJDGUUc
Request Chain 707
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEAUyav0hX-3BNLN6CBTLY80&google_cver=1&google_push=AYg5qPKsBtPo2d_389WSgg_h0RFHbNaPnxMVgB7EY5nTlF5i66cfjQiTrfAb4PpX0p8fbGse9YPgtK8MEB3XD1v-j8G0z9amrk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKsBtPo2d_389WSgg_h0RFHbNaPnxMVgB7EY5nTlF5i66cfjQiTrfAb4PpX0p8fbGse9YPgtK8MEB3XD1v-j8G0z9amrk0&google_hm=5cFof4AmT--uQKcEAuLObQ
Request Chain 727
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIPNIbemAFgXdksIQId-vD1Xo1K25jXfAXU6uS1OH8Y4NbakFbRLJNhFaSftOcQ2NwUVDhx22XBs029tCfATdEkoPvC6H6wxg&google_gid=CAESEEahh3-PCgPecJeAWiXvFhM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVluLVNnQURMTXJqbUFBeg&google_push=AYg5qPIPNIbemAFgXdksIQId-vD1Xo1K25jXfAXU6uS1OH8Y4NbakFbRLJNhFaSftOcQ2NwUVDhx22XBs029tCfATdEkoPvC6H6wxg
Request Chain 728
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEBDT4sM0-rlC61pEL_n8zk0&google_cver=1&google_push=AYg5qPLsTRilRxZfiLnOVZpeysLmUblAkM9XQLnKNqE5_2C7UfwAFewF3NZPvVLSug8JHZ14gNU-Z8s0DLpFA9zZnQ9MLMBObs4xbg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLsTRilRxZfiLnOVZpeysLmUblAkM9XQLnKNqE5_2C7UfwAFewF3NZPvVLSug8JHZ14gNU-Z8s0DLpFA9zZnQ9MLMBObs4xbg&google_hm=Q0FFU0VCRFQ0c00wLXJsQzYxcEVMX244emsw
Request Chain 730
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLd0LP7h5LiAKTfERqFTXpH3bnFjUdXIMSVjBM3FBrmIM5BY4t1MF2lgeEBR24WTiFor06UWHC0ch_wB4owwiyYJLFlaJt6&google_gid=CAESEIaHlb5INziY6ouD_mNzQt8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDkwNDU1NTIwMDAxODQ0MjYxNjkyMQ%3D%3D&google_push=AYg5qPLd0LP7h5LiAKTfERqFTXpH3bnFjUdXIMSVjBM3FBrmIM5BY4t1MF2lgeEBR24WTiFor06UWHC0ch_wB4owwiyYJLFlaJt6
Request Chain 732
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEAUyav0hX-3BNLN6CBTLY80&google_cver=1&google_push=AYg5qPJsB3rYUdXyeafqglMBL-AAn1vEuSYCEV24drw-ahuiYbIuxMuZozvqau8nGTn2pG1bYdBuxZM_i-B-cboTXoYMDTdwbi1iaA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJsB3rYUdXyeafqglMBL-AAn1vEuSYCEV24drw-ahuiYbIuxMuZozvqau8nGTn2pG1bYdBuxZM_i-B-cboTXoYMDTdwbi1iaA&google_hm=5cFof4AmT--uQKcEAuLObQ
Request Chain 756
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=33506400014560200710612011773019&t=htlp HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=33506400014560200710612011773019&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 757
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7111219509845.03 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CNr77-S-ivQCFRME4AodtSwFMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7111219509845.03
Request Chain 759
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=33506400014560200710612011773019 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=33506400014560200710612011773019 HTTP 301
  • https://ad-server.eu/wm/pb/native.png
Request Chain 771
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKJeg7AdQFTgfPvtTv8nZGjGz3ANJoYzf8MYDC3WBD3A6U5-GPp6dCS0o3Fi9mU2dUazLu6V6fePsXUUZUo-pj0Nm3zWk0WAw&google_gid=CAESEEahh3-PCgPecJeAWiXvFhM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVluLVNnQURMTXJqbUFBeg&google_push=AYg5qPKJeg7AdQFTgfPvtTv8nZGjGz3ANJoYzf8MYDC3WBD3A6U5-GPp6dCS0o3Fi9mU2dUazLu6V6fePsXUUZUo-pj0Nm3zWk0WAw
Request Chain 773
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJplXJDqfjpo37lV45FC2O19p5MmfGjwXlaH9paw0PxEeDzFbum-TiUj_1DchEF2Q_LpKS7Vr38b48HZBtYxfLbivlnEW3V&google_gid=CAESEIaHlb5INziY6ouD_mNzQt8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDkwNDU1NTIwMDAxODQ0MjYxNjkyMQ%3D%3D&google_push=AYg5qPJplXJDqfjpo37lV45FC2O19p5MmfGjwXlaH9paw0PxEeDzFbum-TiUj_1DchEF2Q_LpKS7Vr38b48HZBtYxfLbivlnEW3V
Request Chain 774
  • https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEN2v0BCUBvuZRM46eS73ot0&google_cver=1&google_push=AYg5qPJkE55ELUDIJSfIU-AfiOhsC0_9t0zSRhhm9_5crPsJLL0-9lsOE3QP4eMSLcZWqOpQRL6ERV-yyH3LyWdx0KHT0zuB0zJH1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGNmMThhNmItYjU0Yi0yMmUzLWYzYzUtNzQxYjEyNmI1YmVh
Request Chain 775
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENC7BGISqiLWA0LWvAUqlIc&google_cver=1&google_push=AYg5qPL4NWkD3oqebNDaNJLjEi56QzUtrTZ78ZY8Twfh0__jL4ovOCAxhzGEZy_tNOWZHGDfm1cJa7ei0vIt1MRJxCAtnFugIUOoLQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qv20G-isSp-kIiJBC84r0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL4NWkD3oqebNDaNJLjEi56QzUtrTZ78ZY8Twfh0__jL4ovOCAxhzGEZy_tNOWZHGDfm1cJa7ei0vIt1MRJxCAtnFugIUOoLQ
Request Chain 776
  • https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEJzLms53leo2ZB2HTLKSe78&google_cver=1&google_push=AYg5qPJYEkebS1gjEWm2XXNpYHH2pccjQEAsZrAH9ap8tk1_YqxMXEOSYIQ-mI_O9YrsNHM4oRdNc2049oU7SXQU_uLf98vna9zUBw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Request Chain 811
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
Request Chain 843
  • https://sb.scorecardresearch.com/p?C1=1&C2=23229166&C3=platform&C5=01&C7=https://www.nyasatimes.com/ HTTP 302
  • https://sb.scorecardresearch.com/p2?C1=1&C2=23229166&C3=platform&C5=01&C7=https%3A%2F%2Fwww.nyasatimes.com%2F
Request Chain 844
  • https://sb.scorecardresearch.com/p?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1636433756&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=15000&ns_st_pt=0&ns_ts=1636433756 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1636433756&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=15000&ns_st_pt=0&ns_ts=1636433756

857 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.nyasatimes.com/
Redirect Chain
  • http://nyasatimes.com/
  • http://www.nyasatimes.com/
  • https://www.nyasatimes.com/
270 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
c5cd690c34dc291f07ea7788f0843ea73171c8bd1518906114c2f510e913c560

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 09 Nov 2021 04:55:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
expires
Wed, 11 Jan 1984 05:00:00 GMT
pragma
no-cache
link
<https://www.nyasatimes.com/wp-json/>; rel="https://api.w.org/"
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 41
x-cache-group
normal
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtWPaONA21gOa0NpuuXx6qe08coOFKHH%2BlIUXZYqwYP2p4Sc7o7x5o3Odrc33Mb83equiZSzHLNnw2491RZL5qofbyQ%2FP3pH83GejknQZlyElGXFs5s0IyNhS3Asf4CuNYs4Yzg2NCSR67s5FLfSog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ab4730aeff305e9-FRA
content-encoding
br

Redirect headers

Date
Tue, 09 Nov 2021 04:55:32 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://www.nyasatimes.com/
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=881CJVSfttfhBHPRD8B%2F0a%2BEvm6%2FkpQEBP1iCtfkJ9bjmsMp4kAM95sgkqLJtFXN5vg6gBwJK2KljD6wVnYAwsPBrdDpobeTRT2JCauCRlb1LTM9A1he5pFZUCW4mCRR%2FrEeyIrNNXw0a7l3AuvNrw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6ab4730a8cb74e9e-FRA
M3fjeLyk7JJhMLomVwSKQ53ZBAg.js
www.nyasatimes.com/cdn-cgi/apps/head/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/cdn-cgi/apps/head/M3fjeLyk7JJhMLomVwSKQ53ZBAg.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34141e57b1afc6233de17f6fc96ef59921c1c2b4b4a22abb5b2abb8471903078

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2513815
x-amz-request-id
B3P5WKCPE0NMQSJ1
x-amz-id-2
I36QH84rEW1FOsAG5aWb2yxV7PT20gEtesZe3mWHqsu9Lm24CFvCFuOEUQrLpPecpSZ3ZOwA8yI=
last-modified
Mon, 24 Jul 2017 16:32:42 GMT
server
cloudflare
etag
W/"b1d0773f46e4295122cb158c4e70b960"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYaeAR46AZai6fEFDJi4ZVDkHjFO8fFJwCP%2FQWzVp5%2BcZzLAcYecmcOVOvINo6HWWZ6nu8B4ZrpudfcKZV%2FygLcVi%2FrAd3FXVLAyE58DdPrvf%2ByWJkEq8YFXyjLSRMgXVR%2F6vUzZdKfj5ze%2Bas24IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
SiHF84emP6.sTBB16lj.gFOIUL7jYyUk
cf-ray
6ab4730b988905e9-FRA
autoptimize_9741faa89bbcaddc05d3615db42ad3e0.css
3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-content/cache/autoptimize/css/ 		386 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-content/cache/autoptimize/css/autoptimize_9741faa89bbcaddc05d3615db42ad3e0.css
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
996741ec4a987b31627a2015017ffe1b02146067d03e0578e48975d3aea1f196

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:32 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 19:21:40 GMT
server
NetDNA-cache/2.2
etag
W/"6169d4c4-60963"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style-frontend-pro.1.19.1.css
www.nyasatimes.com/wp-content/plugins/social-pug/assets/dist/ 		99 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-content/plugins/social-pug/assets/dist/style-frontend-pro.1.19.1.css?ver=1.19.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
934f312b17cb31382e8b4579ba27ae58936e6521abfa1b68779f145adb68b586

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4931938
cf-polished
origSize=101626
last-modified
Wed, 28 Jul 2021 20:41:30 GMT
server
cloudflare
etag
W/"6101c0fa-18cfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCE2hKCAk2TuK9jWjczkadtbtt%2BSz0Pb4xcNYucM7eFIKiOT6pZufTUxkQSb%2FHE279Iv7CDi7mCJyoYa7myto0LVLDCoghNaZCWzbDSBjpcYs4ExfOK8ZCmkM8M56Ls9Z9vdFFJbFIWxN3Z4%2BnP5Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6ab4730b988e05e9-FRA
cf-bgj
minify
dashicons.min.css
3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-includes/css/dashicons.min.css?ver=5.8.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:32 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 00:18:19 GMT
server
NetDNA-cache/2.2
etag
W/"607f6f4b-e688"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
all.css
use.fontawesome.com/releases/v5.15.4/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8253645
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
NQYGG2Q8GPVZ4G0M
x-amz-id-2
BTviEvFfKEBOiswACTgB98u54x9UWLAwi/vNAf0xKZcKRpuA/QtdAIXfXtdUjxVpUjixdF6UBKg=
last-modified
Wed, 04 Aug 2021 20:43:22 GMT
server
cloudflare
etag
W/"ecd507b3125edc4d2a03aa6ae5d07da9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BleV2kzWIBO1zmMIkXt%2BKxYEboHcOtuv07PDgfvSdHsisJgliExXmWq3mjqdj8ZjbkTg3Hzj5FrPdX9lu9wXtkwEhpo254mUrEq4IhimOFT4bw0mBEuVCeNpSB0r8m99%2F0ksAILBIZoHbfSKgz0V9jV2"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6ab4730bb8e7c2d6-FRA
v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8253645
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
NQYP7H77G46TVG8W
x-amz-id-2
WfxaRbXjJWEqe+GwlIGqeKS2sVRlsolASaZBeKnhvYVq/nVaZyNlIoyP5MH1THpP6NRSYpSVLxw=
last-modified
Wed, 04 Aug 2021 20:43:22 GMT
server
cloudflare
etag
W/"a034d3c71bee546f625877d7932917f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKM%2BXAZ0qCC9VKF0f6FZx41Qy1l%2BwKKf4K289pIDG%2BYSAqq2wRThRcF2oax4fqUXv53c5FbA87ZEQwy8bTruDcF%2FxvbOxkCC04Vc67VDb42S%2Ba4ROShMYHkc%2FKuCyY3vQ4DbGMhEKwx8Cwh%2FEitPTC%2Bp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6ab4730bb8e9c2d6-FRA
css
fonts.googleapis.com/ 		2 KB
641 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=EB+Garamond:700
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c0e4badd8ff89f4b5bcee03a203fbfa3a60d8d79451062d08ce9b058bcd2cba0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 04:55:32 GMT
server
ESF
date
Tue, 09 Nov 2021 04:55:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Tue, 09 Nov 2021 04:55:32 GMT
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 04:54:47 GMT
server
ESF
date
Tue, 09 Nov 2021 04:55:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Tue, 09 Nov 2021 04:55:32 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/ 		138 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
17862326
cdn-cachedat
2021-04-13 18:29:17
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
fef57b8c6271a4555cbb7abd9794e969
cf-ray
6ab4730bbb364a9e-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://www.nyasatimes.com/
Origin
https://www.nyasatimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:32 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2514920
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
6G8FHTC4SYEWJ0PJ
x-amz-id-2
NtL1wf4H/4RA8nWaYWcTjza31zsqEHlxIJFvhT9vCTg3Dr8JXuxJHeBQk1mWMBTj+58R4owRZuA=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrM%2FWkXeMq%2Fy7ShL89eYS6rThfuoW5a06v5zzUeEMspCzUMhe1o5%2BCn9FTCL%2FhQ5JrL7E0bQh8xzfUtbRrJSSjn4DnS6oVjF78rBmidv0dJtCe2SJ5O3iS4Or2MEftlgpaI9M7fBENJnn1IYU1XV%2B25Q"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6ab4730bbeb02c32-FRA
rocket-loader.min.js
www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Nov 2021 13:28:28 GMT
server
cloudflare
etag
W/"6185317c-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7mn3HMHPsQ8NHC2vWavc0z7%2F4MMSf9KZXweieubHoz5w7HYoIAfzsjfiWycV4BovacHY3seRfOZldzcsyvhclKPx2SKKZy7XZyozk6CO2Klb2mXokUKq93OYYfb2v4R8d1YDKcodEe89m%2BEdGQKLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab4730bb8a905e9-FRA
vary
Accept-Encoding
expires
Thu, 11 Nov 2021 04:55:32 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/apps/head/M3fjeLyk7JJhMLomVwSKQ53ZBAg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3267
date
Tue, 09 Nov 2021 04:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 09 Nov 2021 06:01:06 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
10826cbc2c4de2a2e27d2883929c5805.js
scripts.cleverwebserver.com/ 		131 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/10826cbc2c4de2a2e27d2883929c5805.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d988860ae8336d6f7e4ad07b3c11e038a6c6c01a445029ef4ca55cbfea77ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Nov 2021 07:50:11 GMT
server
cloudflare
age
921
etag
W/"f3d6a14da4016c9639c9ee09127f2a73"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
m_onWqnK1LFQHgFgzRXoGPcieRNZIYeO
content-type
application/javascript
cache-control
max-age=1800
cf-ray
6ab47313ae764db2-FRA
x-amz-request-id
7HT233PS3GZ2DQAE
x-amz-id-2
HiV2svLEKlxu3jhhmAMX/8WSG0d8KzepxGpxcmnodvuZAUSMl1rph8RvVkF3jzB5eLY90WrSNvQ=
autoptimize_f0988770e39ebff4fa40ecd7cdf4b7a9.js
3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-content/cache/autoptimize/js/ 		258 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-content/cache/autoptimize/js/autoptimize_f0988770e39ebff4fa40ecd7cdf4b7a9.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
5f0e66691f615622835fa31b03f6a5bcb578c4725d7b8ecf9c1b2b2bef329ffc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:33 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 19:21:40 GMT
server
NetDNA-cache/2.2
etag
W/"6169d4c4-40621"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
query_renderer.js
www.google.com/cse/ 		0
0
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.40.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 01:06:02 GMT
x-content-type-options
nosniff
age
100172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13188
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Tue, 08 Nov 2022 01:06:02 GMT
lazysizes.min.js
3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-content/plugins/autoptimize/classes/external/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.2
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:33 GMT
content-encoding
gzip
last-modified
Sat, 11 Sep 2021 14:08:54 GMT
server
NetDNA-cache/2.2
etag
W/"613cb876-2655"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
17891892
cdn-cachedat
2021-04-07 13:37:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
8cdea5f77801349ce7627f699a623d1a
cf-ray
6ab473137af64a9e-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.0/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 00:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30768
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 05 Nov 2022 00:10:27 GMT
nyasatimes_18120.js
ads.vidoomy.com/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/nyasatimes_18120.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
82b43e02283b76764dedb64db39f51a20c8432659eb367835ecd16e7fcc8a1ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:33 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
5342
api.js
www.google.com/recaptcha/ 		850 B
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=en
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7efcab275e51aa6e9cc922e21ee3b718623130d872ba4a8275737752def952e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
557
x-xss-protection
1; mode=block
expires
Tue, 09 Nov 2021 04:55:35 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
400d415e25e3c2b6d990376f5b1b73e91a4ada0f82098f11b71b644773528907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1038 / 587 of 1000 / last-modified: 1636412720"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27059
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 09 Nov 2021 04:55:33 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
5e6b349b7db53d0428848d070b899d5d77af153abb8217d24d6e1966d5557d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51294
x-xss-protection
0
server
cafe
etag
2857379175990649354
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 04:55:34 GMT
dmedianet.js
contextual.media.net/ 		138 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CUR7UQX1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
172d1c6efeb1b1a92c0dbb2f09f3f36d6a71295c62c6f644fa383eb0c9add23d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-mnt-h
10-7
content-encoding
gzip
server
Apache
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag
"0ecc356831bac56224102ae20b46ff92"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Tue, 09 Nov 2021 04:55:33 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-10
expires
Tue, 09 Nov 2021 05:00:33 GMT
jquery.min.js
3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:33 GMT
content-encoding
gzip
last-modified
Thu, 22 Jul 2021 19:36:29 GMT
server
NetDNA-cache/2.2
etag
W/"60f9c8bd-15db1"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
truncated
/ 		137 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		137 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin
https://www.nyasatimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:33 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10831512
cf-ray
6ab47313bee1699f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
74288
x-amz-id-2
Z9Sinl88b4kp6p8W5POkGSTr9WQKu7ShSScehnxVDssBjo68LzwF32aT6FSbT3caThnp9HDx6no=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"eac60e8a656781e13d2a674b4d9051c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MExwedZamEjVJkwO7AM64w%2F%2B%2FIl9xAzHDu2MY%2FNPfbsqJXId%2BaC6BXLjTKE%2FkIufI9L%2FV4bn%2FQnrxFyBYUyVOXs3CyQYdRDEZyrc7qnSgYlKFG3uvdpYRTLaOm9zz3hsZ8R9JApmqG8oyIvzlVVs%2F1KB"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
DS5SWABR3Z4T5BQ2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin
https://www.nyasatimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:33 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10831591
cf-ray
6ab47313bee2699f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
79100
x-amz-id-2
ZVsbIOuSEsHM6gu4JU9EZQnXHcYJbRCVmeLtkahcSGbeTbsw7dS4+WtQNrlbzar196MA4Y+HQuQ=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"5dc01cfcd5336f696cb85da7ce53fa9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeR9vzvNfYLUu4ks8XXQ1HicBgH1WsKJM2gmknakPu4OvsD8KehpaK5E%2BvlJSr9IT4p2vCkRkiIcO2DwRS%2FNZNPrROc6vXD5bOWmn0sfczgBY8Nmi%2FupeNUWQAYZDSIRhPHv8klZ%2Feio%2BGsraqejZq%2Fc"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
3QTC835R4VCEX0NP
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-DPNkBI9_.woff2
fonts.gstatic.com/s/ebgaramond/v15/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ebgaramond/v15/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-DPNkBI9_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=EB+Garamond:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab2393b8736c6628c492115497ffce0397645a473a6de15e541ea23946ed45aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nyasatimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 01:07:50 GMT
x-content-type-options
nosniff
age
445664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30408
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:50:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 04 Nov 2022 01:07:50 GMT
fa-regular-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin
https://www.nyasatimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:33 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
961413
cf-ray
6ab47313bedd699f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14872
x-amz-id-2
g/k48zLM+I5ZWhuanzoJM8xhwHpzH7HsKkDBgj9oZH5t35DppzSZ8yGz4QlkFdT0/hTjDlCLFHM=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"4b218302f9057d02864d4909661831e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIJ0unDhIwV6oX9TT%2F4S6A62SkuqT55MQ7B4xuichXDnyAkLqItFMC6cR%2BjSb2UKKA%2B3do%2BIPRkQPfM1Smi%2Frkj9bPzK7ciAcGb3CPyE4VcnM8Cox%2FSyc04hlL%2Bugzi6zcJgW2fZcgemV4of41rOWb%2FZ"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
YKX69TX2BE8WAZYH
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
/
ui.cleverwebserver.com/3fb71065e38842a2b8e766d4ad87d4d5/ 		161 B
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/3fb71065e38842a2b8e766d4ad87d4d5/
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.19
Resource Hash
ae8fc06de3bf41915d227c897a89b47a0f32a3a75c09dde8d39ea1dc27d95318

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.19
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/javascript;charset=UTF-8
cf-ray
6ab473147f1d4db2-FRA
34090.php
sender.clevernt.com/transporter/ 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sender.clevernt.com/transporter/34090.php?ppuc=0&ppu=0&id=0&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&ruri=&r=457473929&tok=33419711310201791433&op=called&wn=null&res=1600x1200&ts=0.005&cc=1&iv=-1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.69.64.76 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
are.clevernt.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:33 GMT
server
nginx
content-type
image/gif
/
lp.cleverwebserver.com/22bet/aa/sports/grp1/ Frame 405A
Redirect Chain
  • https://sender.clevernt.com/transporter/34090.php?ppuc=1&ppu=0&id=366535&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&ruri=&r=758568840&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&landing=1&hei=...
  • https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZy...
1 KB
700 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2967b69b0c5f3bf0717742cb2d1c420c7fec6b1dba9081ca4787a8103fa04f94

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

date
Tue, 09 Nov 2021 04:55:34 GMT
content-type
text/html
x-amz-id-2
zFnqRUuirr2TWJs1bg0nACRCiHXkyuNn8T4hCTo7faEV5WxhKKGmmEhs1Qer36BiNIYtvqzkthM=
x-amz-request-id
EEKC2PKTPS2RRMQR
last-modified
Mon, 08 Nov 2021 21:29:25 GMT
cache-control
max-age=1800
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6ab473185b3e4db2-FRA
content-encoding
br

Redirect headers

server
nginx
date
Tue, 09 Nov 2021 04:55:34 GMT
content-type
text/html; charset=UTF-8
location
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
expires
Fri, 27 Jun 1986 23:00:00 GMT
last-modified
Tue, 09 Nov 2021 04:55:34 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
truncated
/ 		655 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
style.css
lp.cleverwebserver.com/22bet/aa/sports/grp1/ Frame 405A 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/style.css?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
958245880c3e5c2a4b1267e2fca012beb3a31bdb3a27d0f0e319d051312da7ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:34 GMT
content-encoding
br
cf-cache-status
HIT
age
1612
cf-polished
origSize=17439
x-amz-request-id
Z7PX2630EYP2RK9P
x-amz-id-2
SiTqZoZ+07m3n0nSOieNfOQNjJQRC40QaAE3k/Tkayt1x0evFSCEqTy9fAAonYqKIJWMn3U68wM=
last-modified
Wed, 27 Oct 2021 09:56:15 GMT
server
cloudflare
etag
W/"26c76aba0a459d46217e63893df3d600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
cf-ray
6ab47318ebbc4db2-FRA
cf-bgj
minify
ad.svg
lp.cleverwebserver.com/22bet/aa/sports/grp1/imgs/ Frame 405A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/imgs/ad.svg?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e751e48f4e7ea27901a50cce0a3e5b695ede7cab50058c4cc51c4a7435d02b7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Sep 2021 16:43:31 GMT
server
cloudflare
age
1229
etag
W/"479e7dbe9215ddc11cd4defff4f3eb85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1800
cf-ray
6ab47318ebbd4db2-FRA
x-amz-request-id
2R4KXGTHBX7VQNCR
x-amz-id-2
o4QTGkBdD724WwYwYd4Bq4G1pTPfd7xh03TF2c+FDl/qTL7XM3XYivkOGTyPXsL5jjNzuKyP5Xk=
logo.svg
lp.cleverwebserver.com/22bet/aa/sports/grp1/imgs/ Frame 405A 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/imgs/logo.svg?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4492dbb85aac3d9fa10fab609cb334d52fa62ee89fc1d252109ad580e565c5a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Sep 2021 16:43:31 GMT
server
cloudflare
age
1229
etag
W/"3d2cdabb81821187f27ea81d8d974b6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1800
cf-ray
6ab47318ebc04db2-FRA
x-amz-request-id
2R4SFHC97ZSRWMKP
x-amz-id-2
PGgZgYW6d0xWSY5RVvrcAvjGOWsstg2Ly2XMAMZhgxvriZm95Iq3dRnKeMkDGCD78IVABEmF0lE=
copy1.svg
lp.cleverwebserver.com/22bet/aa/sports/grp1/imgs/ Frame 405A 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/imgs/copy1.svg?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b1186c5d0eb667f54a8a52c0c4083cd1191fae972356a4b74af7302f88d6227

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Sep 2021 16:43:31 GMT
server
cloudflare
age
1229
etag
W/"3cc8184429bd4dafff8ce02ea25a4569"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1800
cf-ray
6ab47318ebc24db2-FRA
x-amz-request-id
2R4GEEHTX59JADV8
x-amz-id-2
L3LbUTGJyM6TH1gylGiz190bgRMFpSU3G5YqIN0aSQcsGXrunHeHkZMvr/cfR0sAmcIj01lLefg=
cta.png
lp.cleverwebserver.com/22bet/aa/sports/grp1/imgs/ Frame 405A 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/imgs/cta.png?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47266e1987dae930dd3396fba6ed7cadd69b708cd8eee635d4bc291c9bb58679

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:34 GMT
cf-cache-status
HIT
age
1229
cf-polished
origFmt=png, origSize=52237
cf-ray
6ab47318ebc34db2-FRA
content-disposition
inline; filename="cta.webp"
content-length
32672
x-amz-id-2
wYGvd4haMjOtetk0RuLC+SOCCeJLjJjPmAKn/jVnm937NUUWwAYBxb0L7loekyhUbdbNzhurK3Y=
last-modified
Mon, 08 Nov 2021 16:48:14 GMT
server
cloudflare
etag
"26a579e733f319b02b0aa07ea3d5be3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
963J5TNR4FVX0GMJ
cache-control
max-age=1800
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:100,h2pri
copy2.svg
lp.cleverwebserver.com/22bet/aa/sports/grp1/imgs/ Frame 405A 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/imgs/copy2.svg?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
650f0d2335d42d32ea27c7ab432d665bea3e73f3461ee6ea58096237cd97d11c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Oct 2021 09:56:15 GMT
server
cloudflare
age
1229
etag
W/"13376069d8930d1742dab37f52396211"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1800
cf-ray
6ab47318ebc44db2-FRA
x-amz-request-id
SRAS1DV93MSE3F3C
x-amz-id-2
sCcJEcsyO5fC6TMj2HYHmcjIbDie8bONNNu18feTHFRVq3cP76h1B+SSCqjeAFd+zlaaTXigwQQ=
rocket-loader.min.js
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 405A 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Nov 2021 13:28:28 GMT
server
cloudflare
etag
W/"6185317c-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6ab473190bcc4db2-FRA
vary
Accept-Encoding
expires
Thu, 11 Nov 2021 04:55:34 GMT
css
fonts.googleapis.com/ Frame 405A 		8 KB
820 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/22bet/aa/sports/grp1/style.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af3e5cfbec7a3ad4f4f5ae7f38bd6e857fb46b79a4851ed6084f32adcd327363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 03:12:23 GMT
server
ESF
date
Tue, 09 Nov 2021 04:55:34 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Tue, 09 Nov 2021 04:55:34 GMT
clever-core-other.js
lp.cleverwebserver.com/ Frame 405A 		1 KB
915 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/clever-core-other.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5755144f0dce959dc794da1dfdc2acaebcf06d9b48532cb75dc972c33600f26d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/?id=366535&group=34090&tracker=aHR0cHM6Ly9yZWZwYXNyYXN3LndvcmxkL0w%2FdGFnPWRfMzQ2NDk3bV83NjY5Y19HVEFBRldCVFBMREFBV1cmc2l0ZT0zNDY0OTcmYWQ9NzY2OSZyPXJlZ2lzdHJhdGlvbi8%3D&ref=aHR0cHM6Ly93d3cubnlhc2F0aW1lcy5jb20v&r=758568840
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:34 GMT
content-encoding
br
cf-cache-status
HIT
age
1537
cf-polished
origSize=1782
x-amz-request-id
JC6JNW53X5JVFNAW
x-amz-id-2
F9FEvAU7UsM3qwUpC9SQeh8D8fO+3vPbw9AVJiyyl6XNO16jV46ODROcWAE0Pm0e/dBywblkQak=
last-modified
Mon, 08 Nov 2021 21:29:37 GMT
server
cloudflare
etag
W/"471cfd4668aa76384941e518bd3e63f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
cf-ray
6ab473191bdf4db2-FRA
cf-bgj
minify
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=803458727&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nyasatimes.com%2F&ul=en-us&de=UTF-8&dt=Malawi%20Nyasa%20Times%20-%20News%20from%20Malawi%20about%20Malawi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1176808091&gjid=1344601715&cid=1514767491.1636433735&tid=UA-2751252-2&_gid=645207223.1636433735&_r=1&_slc=1&z=570575497
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nyasatimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg-push.jpg
lp.cleverwebserver.com/22bet/aa/sports/grp1/imgs/ Frame 405A 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/imgs/bg-push.jpg?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/22bet/aa/sports/grp1/style.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59ca76951ded049f3b6f7b6cd5b91f99d1294ad46af9b465b5d401c072fa1562

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/22bet/aa/sports/grp1/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
cf-cache-status
HIT
age
1180
cf-polished
origSize=119601, status=webp_bigger
cf-ray
6ab4731f69a34db2-FRA
content-length
111802
x-amz-id-2
DYVheCfwsJrsI4RTzTKecsch7xekt4HuZnBY3aaQnqvSsXaYx/P9zE24Wb0NQ59cN+bKIj4uMK0=
last-modified
Mon, 20 Sep 2021 16:43:31 GMT
server
cloudflare
etag
"0af7e9fd54abebd2664bd330eb4a3832"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
8YDJ8JY1QFYS2MMM
cache-control
max-age=1800
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
imgq:100,h2pri
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 405A 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lp.cleverwebserver.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:11:57 GMT
x-content-type-options
nosniff
age
27818
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 08 Nov 2022 21:11:57 GMT
wp-emoji-release.min.js
www.nyasatimes.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyasatimes.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Jul 2021 19:36:29 GMT
server
cloudflare
age
5063459
etag
W/"60f9c8bd-4705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjtfRHNlgCGYDSahMulFPZ9NaifrCAYjH1HISFN7TKsm0DF1TYeup62kLyRDltXD0NdWLvM6xM8o4k5k3uVZLRIVkQQtUhvgHUXvyDUmvrwAia3WG7g7vIZw2Ewng0U70A4JnycwjelqbWf13yqlUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab4731f9c3405e9-FRA
otbsIu5B1ADm6WfVcR8Zc-iCydrinBppxVUROdXidoTBwND7orK255k9qWkc4OMCrnAaQRGw2U_34risbp8QI6bKAjw1UZplpM-c2QtQovHZdOw4ENyP1ir3Lxy71qmrlzdvynk_Q
steadfastsystem.com/v2/0/ 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://steadfastsystem.com/v2/0/otbsIu5B1ADm6WfVcR8Zc-iCydrinBppxVUROdXidoTBwND7orK255k9qWkc4OMCrnAaQRGw2U_34risbp8QI6bKAjw1UZplpM-c2QtQovHZdOw4ENyP1ir3Lxy71qmrlzdvynk_Q
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.90.190.35.bc.googleusercontent.com
Software
/
Resource Hash
fb480801f1b09a821681a2b2258c5cbd44157ff75d3fb4f70aaacee9033cf93b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"ea444c2dd027a419ff9c8f1acba4f054b0a3db376fd042657c0980332a38d5be"
vary
Accept-Encoding, Accept-Language
x-hostname
e00eae1c
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Tue, 09 Nov 2021 04:55:35 GMT
timing-allow-origin
*
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=803458727&t=pageview&_s=2&dl=https%3A%2F%2Fwww.nyasatimes.com%2F&ul=en-us&de=UTF-8&dt=Malawi%20Nyasa%20Times%20-%20News%20from%20Malawi%20about%20Malawi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=1514767491.1636433735&tid=UA-2751252-2&_gid=645207223.1636433735&z=928119777
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 18:37:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37078
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
22bet.com/de/registration/ Frame 618B
Redirect Chain
  • https://refpasrasw.world/L?tag=d_346497m_7669c_GTAAFWBTPLDAAWW&site=346497&ad=7669&r=registration/
  • https://links22.com/registration/?tag=d_346497m_7669c_GTAAFWBTPLDAAWW
  • https://22bet.com/registration/?tag=d_346497m_7669c_GTAAFWBTPLDAAWW
  • https://22bet.com/de/registration/?tag=d_346497m_7669c_GTAAFWBTPLDAAWW
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://22bet.com/de/registration/?tag=d_346497m_7669c_GTAAFWBTPLDAAWW
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/clever-core-other.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.122.42 Amsterdam, Netherlands, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:36 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
vary
User-Agent,Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload

Redirect headers

server
nginx
date
Tue, 09 Nov 2021 04:55:35 GMT
content-type
text/html; charset=utf-8
content-length
526
location
https://22bet.com/de/registration/?tag=d_346497m_7669c_GTAAFWBTPLDAAWW
x-frame-options
SAMEORIGIN
x-reason
1015
cache-control
no-cache, private
strict-transport-security
max-age=63072000; includeSubDomains; preload
loader.js
cdn.taboola.com/libtrc/nyasatimes/ 		383 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/nyasatimes/loader.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8b20328615335252d0a3d19d57f2ae87a4325694c247a864a1f90d52559bb35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
.biDBidH2tcNKeFtar_omF5NHJBRevjg
content-encoding
gzip
etag
"37d8ec88dd82f20acb4c34b6fdab5801"
age
0
x-cache
HIT
content-length
32542
x-amz-id-2
oiEzLeCaN3qLGiiZGyS44k3LbjQ4YZIUQoIy9UgyxSZZ+fFB7rx2MZ/g0JOGOqtRpJ2HnzB/nzI=
x-served-by
cache-hhn4069-HHN
last-modified
Mon, 08 Nov 2021 10:19:25 GMT
server
AmazonS3
x-timer
S1636433736.647147,VS0,VE104
date
Tue, 09 Nov 2021 04:55:35 GMT
vary
Accept-Encoding
x-amz-request-id
BED1ZKGETK1Z224E
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
26
x-cache-hits
1
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 		267 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=www.nyasatimes.com&bust=31063682
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8934ab02c09dd3393787c8ebd631f1a57367e3406dd174afb7e83dbfc7aee662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98311
x-xss-protection
0
server
cafe
etag
1593900999498639795
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 04:55:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/ Frame FF09 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 08 Nov 2021 18:38:54 GMT
expires
Mon, 22 Nov 2021 18:38:54 GMT
content-type
text/html; charset=UTF-8
etag
2948287274155451234
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4905
x-xss-protection
0
age
37002
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_2021110401.js
securepubads.g.doubleclick.net/gpt/ 		346 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119010
x-xss-protection
0
last-modified
Thu, 04 Nov 2021 08:34:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 09 Nov 2021 04:55:35 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		72 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nyasatimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b0fcd4baa7c4597d8c207f5e0253ea6252c5b11f57ea271a0e2bafd98bb842aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
expires
Tue, 09 Nov 2021 04:55:35 GMT
formats.js
ad.lkqd.net/vpaid/ Frame 239D 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1636433735.cds125.am5.hn,1636433735.cds292.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 2121 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1636433735.cds125.am5.hn,1636433735.cds292.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
auto-user-sync
ads.stickyadstv.com/ 		43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:35 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1636433735305099-551
Expires
Tue, 09 Nov 2021 04:55:35 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nyasatimes.com/
Origin
https://www.nyasatimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5897576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6098
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4a59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1F2LiSmA2XhE1Ss7CSDiqMk%2B9m8V3PNHU%2FDL8WkJJTKkKzvhKY8FmKsgQ5V9vqrWch0mkT4XK0oyZVm8UbgSpRjQdWpk5nDjM0DqajfQcwvmVUdZwezN9txfleLcC7MOZyP8XPuupRWEs7BKa34u2mAI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ab473205f4d68e6-FRA
expires
Sun, 30 Oct 2022 04:55:35 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bddc2f1ed7e3c0d5dcf460ee3fd0d7f4445a3e7840e40483e005a109ded7afe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
hT8bMk/y7mjJM3iPyvH3XA==
cross-origin-resource-policy
cross-origin
expires
Tue, 09 Nov 2021 05:12:39 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
0b7oea3WlZAy8VL4ytCFxJecWBIn6SeaOLtshDC/+j03KHdgRa6jUW09R51vCVBUkwU5NmEOL72zJ1t6F1o9JQ==
x-fb-trip-id
686109401
x-fb-content-md5
230d27d77b276435e61ef7d3e2259dd5
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 09 Nov 2021 04:55:35 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"4bb6abcade70d330c10cd4a76171eee8"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
cse.js
cse.google.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=partner-pub-6272874513322487:3507483757
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
gws /
Resource Hash
b4d84fb440d969558097fb06b14316f727e502d6659d98baaad89273fe763586
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2931
x-xss-protection
0
expires
Tue, 09 Nov 2021 04:55:36 GMT
query_renderer.js
www.google.com/cse/ 		0
0
nyasa_logo.png
www.nyasatimes.com/wp-content/themes/nyasa2019/img/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/themes/nyasa2019/img/nyasa_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c72041f82ca5e57e8cded65e46305bd7fd2606d53d9d280db0c20a09048fba0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
947566
cf-polished
origSize=50019
content-length
28623
last-modified
Wed, 22 Apr 2020 23:28:35 GMT
server
cloudflare
etag
"5ea0d323-c363"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gSCTDYDm2jN%2BekH9h1qqaX7ycBpJj7vZDIrHMwFRdgnCb2TD7O4bMOMuE5XqlTDtHTNXD4sA8UMk3YqUEu7h40RyqteI22tdeC75vcmoTDdUxWmxVpAa0KUAovdljrFVpRXOpNJIWUy0x%2BAsb0Eeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ab473209d3f05e9-FRA
cf-bgj
imgq:85,h2pri
1x1.trans.gif
www.nyasatimes.com/wp-content/plugins/lazy-load/images/ 		42 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/plugins/lazy-load/images/1x1.trans.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34190
cf-polished
status=not_needed
content-length
42
last-modified
Thu, 13 Apr 2017 10:28:12 GMT
server
cloudflare
etag
"58ef52bc-2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJDIwjyBoQl0gOoi%2B1rEHwUMe2hNpmuV0O30%2FgZHv7McKhf9vOGxh91UfPoBSdvTSf659Q%2FG2ejt4xrE4%2FyAVOGFLIrqgr6oeSWmbVOs1Znanos5AMe4PULd0JNjPKZ5Sz1LK9r4J3l%2Fc8U8iPtIWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ab473209d4005e9-FRA
cf-bgj
imgq:85,h2pri
impl.20211108-3-RELEASE.js
cdn.taboola.com/libtrc/ 		600 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20211108-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nyasatimes/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
93cf91407923a2c77bdf11879b36b1c7507ae277f5538fd727b4114b15948c70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
pSs4V5wwwBslTAiAmtyDyStpXBHERge3
content-encoding
br
etag
"c7eaca2685fe1eb52effc747a47c638a"
age
11225
x-cache
HIT
content-length
125310
x-amz-id-2
gCypjvKbkfSUCuG19wcm8aidZrlciBxkQeqfDa8TbsZzX++Pa6Zb5BcrvXo8DnibnNZ8kseIW10=
x-served-by
cache-hhn4069-HHN
last-modified
Mon, 08 Nov 2021 09:47:33 GMT
server
AmazonS3-br
x-timer
S1636433736.790680,VS0,VE0
date
Tue, 09 Nov 2021 04:55:35 GMT
vary
Accept-Encoding
x-amz-request-id
S4F4EAEAGHP6PN16
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
3
x-cache-hits
2072
smush-lazyloader-1.gif
3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-content/plugins/wp-smushit/app/assets/images/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-content/plugins/wp-smushit/app/assets/images/smush-lazyloader-1.gif
Requested by
Host: 3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com
URL: https://3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-content/cache/autoptimize/css/autoptimize_9741faa89bbcaddc05d3615db42ad3e0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
3ab859f6883b80f0d98aa4c62bf0cb98c696efe3a3858fdb92c0bda3db2c57f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-content/cache/autoptimize/css/autoptimize_9741faa89bbcaddc05d3615db42ad3e0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
last-modified
Tue, 29 Jun 2021 19:22:35 GMT
server
NetDNA-cache/2.2
etag
"60db72fb-f967"
vary
Accept-Encoding
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
63847
cookie
a.vidoomy.com/api/rtbserver/ Frame 6807
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
43 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.22.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-22-228.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
content-type
image/gif
content-length
43
content-encoding
none
vary
Origin

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length
0
date
Tue, 09 Nov 2021 04:55:35 GMT
server
AC1.1
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=723762174.64314511657569340.6030751
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=723762174.64314511657569340.6030751
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=db823f7b-313a-4551-a5a4-d28b8d688688&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_f31f1a10-01cc-42ca-acc1-2e503e6d082f&bsw_param=db823f7b-313a-4551-a5a4-d28b8d688688&expires=10
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=db823f7b-313a-4551-a5a4-d28b8d688688
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=db823f7b-313a-4551-a5a4-d28b8d688688
Protocol
H2
Server
18.158.22.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-22-228.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=db823f7b-313a-4551-a5a4-d28b8d688688
Date
Tue, 09 Nov 2021 04:55:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
wilson-banda-1-600x300.jpg
www.nyasatimes.com/wp-content/uploads/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/uploads/wilson-banda-1-600x300.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87a14face76ffb6903e0a1783236a8492347748e7a122dc16e375bed078a8ac4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14592
cf-polished
degrade=85, origSize=40861
content-length
33341
last-modified
Tue, 09 Nov 2021 00:49:20 GMT
server
cloudflare
etag
"6189c590-9f9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qEz%2BP7U8WD1xSnkRuw%2Boc4p3GbwWmhu6eHzJnSbZZ1KZ8imtt4%2B9Vk3UWq1fCaPDVKnSd8606lbRWgx0CquPN5wsmwPwyAF8it0vs%2B8f7bpPfjGK02t8fJ3zdOcI2jjKopjA6kY1beJynvNBky0Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ab47320fd9c05e9-FRA
cf-bgj
imgq:85,h2pri
a-Nyasa-Times-pic-3804.jpg
www.nyasatimes.com/wp-content/uploads/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-3804.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bd00b2681ba5cf15016290fb3c65a7d1868a7b890a4c544847ee207999d5e80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15017
cf-polished
degrade=85, origSize=112592
content-length
61307
last-modified
Fri, 01 Mar 2019 14:57:39 GMT
server
cloudflare
etag
"5c794863-1b7d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0P1A%2FfHBjaAod5Qn7rF3aoRGGXWv4Wj3AvHZXgV5j0RS5MVVJuHGofA9b0Sz2W3lUIMhYkDWX1lSwOo0JhKDPLf7mL8zau%2F9mMAfEaWiv2j1KC%2F%2Fb0n%2BixEl6uOUPKPsRc1wf5au3mRW3sh0InmJvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ab47320fda005e9-FRA
cf-bgj
imgq:85,h2pri
Dr-Martha-Phiri-600x300.jpeg
www.nyasatimes.com/wp-content/uploads/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/uploads/Dr-Martha-Phiri-600x300.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53ae14fc5dcb8260cf6b52e08f41218f774301005574bf7526bb7d09d2441776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14592
cf-polished
origSize=17906
content-length
17471
last-modified
Tue, 09 Nov 2021 00:06:53 GMT
server
cloudflare
etag
"6189bb9d-45f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oc6xyngSB3J70RChl6z8FcRKvs3czP7gTDS7Ytzpk7Fjdfn%2BHOqb6IFP6PUkLKAvKSi4pwERFL0h%2BayHJNhN6y2cdsSmcOOzGOth2a1IiDkv%2FrYWciRJLvhiMFuQEVDFtRaF%2FoWELcex6QOHU%2Bi1WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ab47320fda205e9-FRA
cf-bgj
imgq:85,h2pri
His-Excellency-the-Presidents-addresses-the-nation-on-2063-Malawi-Implimentation-Plan-pic-by-Carol-Mkandawire-600x300.jpg
www.nyasatimes.com/wp-content/uploads/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/uploads/His-Excellency-the-Presidents-addresses-the-nation-on-2063-Malawi-Implimentation-Plan-pic-by-Carol-Mkandawire-600x300.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d85b58e10843eb579127a6827ab12a184ef95517c31d89c27386a9a490eb49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14592
cf-polished
origSize=22196
content-length
21956
last-modified
Mon, 08 Nov 2021 22:04:00 GMT
server
cloudflare
etag
"61899ed0-56b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhSqKEMUaCQTPKzRELl08%2BVy5r5K3x1Tj1pp7ZhIVSwXo6PgYA05Y4EzLeVWUKknPlqBPZYibsiVFrxH06CEs41G7uaa7vuyHSipg5pNOiwKvJncqTQ7psO%2FmIhkxGYX1xMg7ZXz4prYV6%2FA9Ifk0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ab47320fda305e9-FRA
cf-bgj
imgq:85,h2pri
a-Nyasa-Times-pic-3804-240x200.jpg
www.nyasatimes.com/wp-content/uploads/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-3804-240x200.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96f11db0e8e9a6853db4be032b404295ede3b41430a3c291ad48086960880f5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14568
cf-polished
degrade=85, origSize=11479
content-length
10962
last-modified
Fri, 01 Mar 2019 14:57:42 GMT
server
cloudflare
etag
"5c794866-2cd7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaxUOPC7fdqfDdi8%2Fc8W2sny9Dxoxx3F3%2FmgRfSTaHf4TG6OgFu9ZUDBz70oXqYFgL3KmnpaT4XvVtwo48hJWCucAQ0z3Q453vn9L%2FZHhwWz9s9ZDY8FCtRjDBqS1rhX2D8cIoghaFVSr081ZxQVoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ab473210da705e9-FRA
cf-bgj
imgq:85,h2pri
Dr-Martha-Phiri-240x200.jpeg
www.nyasatimes.com/wp-content/uploads/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/uploads/Dr-Martha-Phiri-240x200.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e2e8b21291e43020488ce60525106da68a40a2983a768cee99f40651b9f81bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14568
cf-polished
degrade=85, origSize=7063
content-length
6831
last-modified
Tue, 09 Nov 2021 00:06:50 GMT
server
cloudflare
etag
"6189bb9a-1b97"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2t6jks6FZzjpCTyxTdwLMC1iHKOUojxTTTfz9pAflUBCpcSy0Cvi9SAG8lIR4pGzc8sX%2BbRZgAxvXu6P0xdwikUelIG9KyOIWAQeKX9uxeFunb74LjJ6RLjzV%2B54oTLJcHd2cNvIAraXbBQp5FnOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ab473210da805e9-FRA
cf-bgj
imgq:85,h2pri
His-Excellency-the-Presidents-addresses-the-nation-on-2063-Malawi-Implimentation-Plan-pic-by-Carol-Mkandawire-240x200.jpg
www.nyasatimes.com/wp-content/uploads/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/uploads/His-Excellency-the-Presidents-addresses-the-nation-on-2063-Malawi-Implimentation-Plan-pic-by-Carol-Mkandawire-240x200.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f74be2d5bc8fec5bce07f8532723baaaaf957677894aa39eabd3238019cae68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14568
cf-polished
degrade=85, origSize=9829
content-length
9620
last-modified
Mon, 08 Nov 2021 22:04:01 GMT
server
cloudflare
etag
"61899ed1-2665"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSyh6m5gB4NtAxJ6Kt97sCh531BeAimpHXgOvCbeurggQoIX3yoGBohvJ7kJS5bezcQc4mahZfDLLEjqVjzONB52%2BtCM6tOZZko5%2B6juc4CXFgaquVPAEMZH9pP65croYYlUrkKm%2Bb6gIVCCwSwbXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ab473210da905e9-FRA
cf-bgj
imgq:85,h2pri
usync.html
ad.lkqd.net/cookie-sync/ Frame D190 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1636433735.cds125.am5.hn,1636433735.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 239D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=39500132&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
bef7de7b0ce6240de4bab1fb4b9b6d800eb7d8fd1b1c2c31cc8c98dd9d1bcdbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1354
sdk.js
connect.facebook.net/en_US/ 		266 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=b6c9ff2ef436b5fb93712a3767683d5d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dfb1fa3ea344a2eed9ba9dc4c1317bae4ce5630e8e09d0d59c002286554d55e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.nyasatimes.com/
Origin
https://www.nyasatimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Snb2DXB8bhsklgnYqs4dDg==
cross-origin-resource-policy
cross-origin
expires
Wed, 09 Nov 2022 04:29:52 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76642
x-fb-rlafr
0
x-fb-debug
4FXpQ/g9HWNAYJhNbDdctU9eZVjRQiitxv1XpVeJAsPNO5TUY9B89KSrrO+fPxiPYoShDCbuC2eY270mbtZ6uA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
6c4c2e922b12a1aeafb30bb74588f588
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Nov 2021 04:55:35 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"c0a168f2185bb081544a22644b4d5a80"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
usync.html
ad.lkqd.net/cookie-sync/ Frame 29FB 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1636433735.cds125.am5.hn,1636433735.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 2121 		180 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151942&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=81672765&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
json
trc.taboola.com/nyasatimes/trc/3/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/nyasatimes/trc/3/json?tim=04%3A55%3A35.891&lti=deflated&data=%7B%22id%22%3A486%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1636366726868%2C%22vi%22%3A1636433735889%2C%22cv%22%3A%2220211108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.nyasatimes.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.nyasatimes.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11523%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22organic-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Sidebar%20Thumbnails%22%2C%22orig_uip%22%3A%22Sidebar%20Thumbnails%22%2C%22cd%22%3A2676.0625%2C%22mw%22%3A0%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CSidebar%20Thumbnails%3Dorganic-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211108-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
340e679e8d5c6044e58c372406f4ac3be7cd3479c0adf7b0ac7586db37e0ebda

Request headers

Referer
https://www.nyasatimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
71
date
Tue, 09 Nov 2021 04:55:35 GMT
content-encoding
gzip
server
nginx
x-timer
S1636433736.912543,VS0,VE71
x-served-by
cache-hhn4069-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.nyasatimes.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.nyasatimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nyasatimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		593 KB
69 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2168745486402461&correlator=3813580483969266&output=ldjh&impl=fifs&eid=31063135%2C31063213&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=4176794%2CNyasa_Article_sidebar_block%2CNyasa_Category_Header_Block%2CNyasa_Category_Sidebar_Block%2CNyasa_Common_Header_position1%2CNyasa_Common_Header_position2%2CMiddle_Above_tabool_Below_National_block%2CNyasa_common_sidebar_position1%2CNyasa_common_sidebar_position2%2CNyasa_common_sidebar_position3%2CNyasa_common_sidebar_position4%2CNyasa_Common_Top_Below_Menu%2CNyasa_Home_Slider_Main_Block%2CNyasa_Home_TV_National_Block%2CNyasa_Home_TV_Politics_Block%2Csidebar_near_sports%2Cbelow_sports_block%2Cabove-politics-banner-block%2Cnyasa-above-national-block%2Cnyasa_home_page_taboola_ads%2Chomepage_below_national_taboola_spot%2Cnyasa-sidebar-position5&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18%2C%2F0%2F19%2C%2F0%2F20%2C%2F0%2F21&prev_iu_szs=300x600%7C300x250%2C728x90%2C300x250%2C728x90%2C960x90%2C960x90%2C300x250%2C300x250%2C300x250%2C300x250%2C960x90%2C300x600%7C300x250%2C300x600%2C300x600%2C300x600%2C728x90%2C300x600%2C728x90%2C320x480%2C300x250%2C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1636433735&dt=1636433735967&dlt=1636433732392&idt=3534&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9%2C578%2C-9%2C105%2C1140%2C1140%2C1140%2C1140%2C320%2C653%2C105%2C1145%2C-9%2C105%2C120%2C436%2C543%2C-9%2C1140&adys=-9%2C-9%2C-9%2C395%2C-9%2C1770%2C2676%2C4879%2C8432%2C8734%2C528%2C554%2C1226%2C1785%2C-9%2C4322%2C1770%2C1168%2C1770%2C-9%2C9036&adks=1801456199%2C1950623358%2C3010452982%2C1568645639%2C4017240066%2C374385371%2C1466105136%2C177676931%2C3789237611%2C2364952587%2C116743872%2C3840145581%2C4173879494%2C4066301068%2C2082777274%2C1780114845%2C158462088%2C174435938%2C2104184255%2C2444207991%2C1461351461&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nyasatimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C946x90%7C0x-1%7C960x0%7C300x250%7C300x250%7C300x250%7C300x250%7C1600x0%7C300x0%7C417x500%7C320x520%7C0x-1%7C1014x0%7C422x600%7C1390x0%7C591x600%7C0x-1%7C300x250&msz=0x-1%7C0x-1%7C0x-1%7C916x0%7C0x-1%7C960x0%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C1600x0%7C300x0%7C300x-1%7C300x-1%7C0x-1%7C728x0%7C300x-1%7C728x0%7C561x480%7C0x-1%7C300x-1&ga_vid=1514767491.1636433735&ga_sid=1636433736&ga_hid=803458727&ga_fc=true&fws=2%2C2%2C2%2C0%2C2%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C2%2C4%2C4%2C4%2C4%2C2%2C4&ohw=0%2C0%2C0%2C0%2C0%2C1420%2C1420%2C1420%2C1420%2C1420%2C1600%2C1420%2C1420%2C1420%2C0%2C1420%2C1420%2C1420%2C1420%2C0%2C1420&btvi=-1%7C-1%7C-1%7C0%7C-1%7C1%7C2%7C3%7C4%7C5%7C0%7C0%7C6%7C7%7C-1%7C8%7C9%7C0%7C10%7C-1%7C11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
da863df7f387c13d9498c3e7136bd464f2d179de2f11548a7a6d80b4ed882095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70497
x-xss-protection
0
google-lineitem-id
5357273925,-1,-1,5358029740,-2,-2,5589419441,5363301596,5363667757,5362943934,-1,-1,5459392222,5458501353,5615302451,5415498952,5469068552,5494488932,5741893627,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138309785928,-1,-1,138309786090,-2,-2,138309786117,138344636309,138316198794,138316230606,-1,-1,138357069982,138357070210,138340583679,138316231137,138337252482,138326575827,138361382298,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nyasatimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07975904915c3b0c84a5c7accac1f5613fa6f047781872c0ce1ac068212c6324
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9340
x-xss-protection
0
container.html
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9E7A 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 09 Nov 2021 04:55:36 GMT
expires
Wed, 09 Nov 2022 04:55:36 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211108-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b69967c0d0795c59adbf5770fb6891760d3b8e2d0934aa54a165ae44de87447b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
Z9vEYl_N8SSxpCpJAub2PIMzfFITjGTm
content-encoding
gzip
etag
"32f01c4091f73eabe019005d909e2e44"
age
8207
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6020
x-amz-id-2
aurejYjY70YFFkforrvHbtOdP1odO2chDqtl154vTknARDuyeV8Pl8zpMKEC5WI62ELOaz3BllE=
x-served-by
cache-hhn4069-HHN
last-modified
Wed, 03 Nov 2021 10:38:29 GMT
server
AmazonS3
x-timer
S1636433736.024687,VS0,VE0
date
Tue, 09 Nov 2021 04:55:36 GMT
vary
Accept-Encoding
x-amz-request-id
3ZVEGQ0Y2AM0NG7J
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
3
x-cache-hits
2527
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		2 KB
936 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211108-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
241155907faff3ddf6df02126069a4fc7f05f77454acef7e1cbd49d8395ea556

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
SaZoTsX4ny11TP1YZbP8i3tjs4BdrMLw
content-encoding
gzip
etag
"978cfe7fd9cd031786ca00806b338a40"
age
8211
x-cache
HIT
x-amz-replication-status
PENDING
content-length
714
x-amz-id-2
XUBScFPIhILAYL5pQllSSSOE+oK4RR/dEu5uD9H2ojw/BkReqUyrC64GnbemxgrgrYxMAB5NJr8=
x-served-by
cache-hhn4069-HHN
last-modified
Wed, 03 Nov 2021 10:38:29 GMT
server
AmazonS3
x-timer
S1636433736.024775,VS0,VE0
date
Tue, 09 Nov 2021 04:55:36 GMT
vary
Accept-Encoding
x-amz-request-id
KV2H6R30M11Y2H7M
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
3
x-cache-hits
2513
tfa-eid.20211108-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20211108-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nyasatimes/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e0abb4ea1c6939f435018be2ed0eb094e125d72897af16e089acf3602f8f88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
_Tt9nj1GIoSWYaG9h_sfnxxVOpLFsl9a
content-encoding
gzip
etag
"de36c5c5fc790bdef06cac680d46c451"
age
37
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5062
x-amz-id-2
VclfAsvWhMd7b87hSKTa86LVVv56uqBLvHOacmZGWdYBjnEKGoelEfnUo8WVO249k9V4QYz7LH4=
x-served-by
cache-hhn4069-HHN
last-modified
Mon, 08 Nov 2021 10:00:04 GMT
server
AmazonS3
x-timer
S1636433736.025368,VS0,VE0
date
Tue, 09 Nov 2021 04:55:36 GMT
vary
Accept-Encoding
x-amz-request-id
D2PZFSENC05Z71BY
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
3
x-cache-hits
18
sha256.20211108-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20211108-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nyasatimes/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f987277481bdb5e15f013fbb0e7036478e6f820c0a6220f68e4726779ca883dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
y1PfUnpCYMfaLFA79hjS.56e470yGuUH
content-encoding
gzip
etag
"9186894661e1e99912204506b13cfade"
age
98
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
+e1bScf0xkp/A/thYfFb4n3ImfKJ8ahtVqO658gdbcW08gg7qMnjZJIa2JLU9rmrmXB82y5J5TA=
x-served-by
cache-hhn4069-HHN
last-modified
Mon, 08 Nov 2021 10:00:47 GMT
server
AmazonS3
x-timer
S1636433736.026250,VS0,VE0
date
Tue, 09 Nov 2021 04:55:36 GMT
vary
Accept-Encoding
x-amz-request-id
2TH7BDTJW2SFDFC0
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
3
x-cache-hits
48
userx.20211108-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20211108-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nyasatimes/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8ce0d868b04686994caae0a66bb97f3975040018ea07d497fe89cca2f88d366

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
LGsWgRuBElpi4dY4gt6xU1WYmfd02X0S
content-encoding
gzip
etag
"0e0ad38d58a360f990b5cffa09948900"
age
33
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5340
x-amz-id-2
OIHhV67ZqEujs7RMr8LAG5yrTZbCK6yfeHLFH4vtAfO46AhDNtOHYRVB4/J8N26581kYMakqEsc=
x-served-by
cache-hhn4069-HHN
last-modified
Mon, 08 Nov 2021 09:59:49 GMT
server
AmazonS3
x-timer
S1636433736.046355,VS0,VE0
date
Tue, 09 Nov 2021 04:55:36 GMT
vary
Accept-Encoding
x-amz-request-id
ZTM4WJNDY00SGBX8
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
3
x-cache-hits
6
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
age
8167262
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
LbGTqHLm-YoJfXj_XXybf1LV3o1cn0GyoREEYQCJXZUNfXHBZjUT5g==
a-Nyasa-Times-pic-6112.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-6112.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
62070f46392f3179495c0878266b57a419ff3a1e9c58f4a140c78ad9501dec51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 09 Nov 2021 04:55:36 GMT
via
1.1 varnish, 1.1 varnish
age
5162565
edge-cache-tag
504433630856495486203655505176975426258,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
34
expiration
expiry-date="Sat, 25 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-6112.jpg
content-length
7534
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Wed, 25 Aug 2021 23:07:26 GMT
server
nginx
x-timer
S1636433736.090342,VS0,VE1
etag
"bc8423aa779e249fde3df5fb173546cc"
x-served-by
cache-wdc5553-WDC, cache-dca17769-DCA, cache-hhn4069-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
a-Nyasa-Times-pic-8846-433x600.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-8846-433x600.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ed4c20498ac853bf62cc34c3eb6c9ef0ad4235375846a158ba66a23f90f7c9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 09 Nov 2021 04:55:36 GMT
via
1.1 varnish, 1.1 varnish
age
4042375
edge-cache-tag
478771477851942152707830282756227774051,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
54
expiration
expiry-date="Sun, 26 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-8846-433x600.jpg
content-length
5092
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Thu, 26 Aug 2021 07:08:14 GMT
server
nginx
x-timer
S1636433736.090384,VS0,VE1
etag
"306605ee795c416678b92b20cd5686b9"
x-served-by
cache-wdc5558-WDC, cache-dca17775-DCA, cache-hhn4069-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
a-Nyasa-Times-pic-674-600x452.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-674-600x452.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
96aa2acbfb9ec3b71048be25528935f8d9508d8498e67e545ff0e7690d2313ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 09 Nov 2021 04:55:36 GMT
via
1.1 varnish, 1.1 varnish
age
1624125
edge-cache-tag
369497750055273688724048068011575364940,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
98
expiration
expiry-date="Wed, 10 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-674-600x452.jpg
content-length
15162
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Sun, 10 Oct 2021 13:25:55 GMT
server
nginx
x-timer
S1636433736.090292,VS0,VE1
etag
"184524e4f86b3aa3f8afa8e0213bdf55"
x-served-by
cache-wdc5541-WDC, cache-dca17748-DCA, cache-hhn4069-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
chakwera-walks-down-aisle.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.nyasatimes.com/wp-content/uploads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.nyasatimes.com/wp-content/uploads/chakwera-walks-down-aisle.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
346e4da8750273e0fb681009166c52e197d2b79bc26f72cdd86dd64d3980c2bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 09 Nov 2021 04:55:36 GMT
via
1.1 varnish, 1.1 varnish
age
2848468
edge-cache-tag
616705552187753092117069784286501964199,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
55
expiration
expiry-date="Sun, 10 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.nyasatimes.com/wp-content/uploads/chakwera-walks-down-aisle.jpg
content-length
8270
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 09 Sep 2021 12:37:14 GMT
server
nginx
x-timer
S1636433736.090194,VS0,VE1
etag
"0d7d02eca9815bf7db1bded634d5c882"
x-served-by
cache-wdc5523-WDC, cache-dca17727-DCA, cache-hhn4069-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
cs
cs.lkqd.net/ Frame D190 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame D190 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame D190 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame D190 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame D190
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3126939706246334990
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3126939706246334990
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3126939706246334990
pragma
no-cache
date
Tue, 09 Nov 2021 04:55:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
www.facebook.com/login/ Frame 04DE
Redirect Chain
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df41688f3e11088%26d...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fcon...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df41688f3e11088%2526domain%253Dwww.nyasatimes.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.nyasatimes.com%25252Ff21e489ef8f323%2526relation%253Dparent.parent%26container_width%3D284%26height%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FANCCLeeds%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b6c9ff2ef436b5fb93712a3767683d5d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
SZuqpyayxkJvu3TJ8QkssvbsW0a11If2MqFhrY2VXlRt6sTwGoNtGJA2MIIbHY4KkOqP6mjwIN90QjF0moLNEw==
date
Tue, 09 Nov 2021 04:55:36 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i

Redirect headers

location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df41688f3e11088%2526domain%253Dwww.nyasatimes.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.nyasatimes.com%25252Ff21e489ef8f323%2526relation%253Dparent.parent%26container_width%3D284%26height%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FANCCLeeds%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D300
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v5.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
6fL6A1bQRqTn7mSgr5cP0EAbXY4hs/GSyh43NPcz5cqRqwZCARwM4NpqrP4ayvC2J6cv9aYJPoMkqNdM1ydY4g==
content-length
0
date
Tue, 09 Nov 2021 04:55:36 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
cs
cs.lkqd.net/ Frame 29FB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 29FB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 29FB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 29FB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 29FB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
pragma
no-cache
date
Tue, 09 Nov 2021 04:55:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
a-Nyasa-Times-pic-6112.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-6112.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
62070f46392f3179495c0878266b57a419ff3a1e9c58f4a140c78ad9501dec51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 09 Nov 2021 04:55:36 GMT
via
1.1 varnish, 1.1 varnish
age
5162565
edge-cache-tag
504433630856495486203655505176975426258,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
34
expiration
expiry-date="Sat, 25 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-6112.jpg
content-length
7534
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Wed, 25 Aug 2021 23:07:26 GMT
server
nginx
x-timer
S1636433736.146001,VS0,VE0
etag
"bc8423aa779e249fde3df5fb173546cc"
x-served-by
cache-wdc5553-WDC, cache-dca17769-DCA, cache-hhn4069-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
a-Nyasa-Times-pic-8846-433x600.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-8846-433x600.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ed4c20498ac853bf62cc34c3eb6c9ef0ad4235375846a158ba66a23f90f7c9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 09 Nov 2021 04:55:36 GMT
via
1.1 varnish, 1.1 varnish
age
4042375
edge-cache-tag
478771477851942152707830282756227774051,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
54
expiration
expiry-date="Sun, 26 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-8846-433x600.jpg
content-length
5092
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Thu, 26 Aug 2021 07:08:14 GMT
server
nginx
x-timer
S1636433736.146271,VS0,VE0
etag
"306605ee795c416678b92b20cd5686b9"
x-served-by
cache-wdc5558-WDC, cache-dca17775-DCA, cache-hhn4069-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
a-Nyasa-Times-pic-674-600x452.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-674-600x452.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
96aa2acbfb9ec3b71048be25528935f8d9508d8498e67e545ff0e7690d2313ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 09 Nov 2021 04:55:36 GMT
via
1.1 varnish, 1.1 varnish
age
1624125
edge-cache-tag
369497750055273688724048068011575364940,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
98
expiration
expiry-date="Wed, 10 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-674-600x452.jpg
content-length
15162
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Sun, 10 Oct 2021 13:25:55 GMT
server
nginx
x-timer
S1636433736.146458,VS0,VE0
etag
"184524e4f86b3aa3f8afa8e0213bdf55"
x-served-by
cache-wdc5541-WDC, cache-dca17748-DCA, cache-hhn4069-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
chakwera-walks-down-aisle.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.nyasatimes.com/wp-content/uploads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.nyasatimes.com/wp-content/uploads/chakwera-walks-down-aisle.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
346e4da8750273e0fb681009166c52e197d2b79bc26f72cdd86dd64d3980c2bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 09 Nov 2021 04:55:36 GMT
via
1.1 varnish, 1.1 varnish
age
2848468
edge-cache-tag
616705552187753092117069784286501964199,359431552109552129216311106837314910334,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
55
expiration
expiry-date="Sun, 10 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.nyasatimes.com/wp-content/uploads/chakwera-walks-down-aisle.jpg
content-length
8270
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 09 Sep 2021 12:37:14 GMT
server
nginx
x-timer
S1636433736.146542,VS0,VE0
etag
"0d7d02eca9815bf7db1bded634d5c882"
x-served-by
cache-wdc5523-WDC, cache-dca17727-DCA, cache-hhn4069-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:36 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
t
t.lkqd.net/ Frame B456 		0
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:36 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
t
t.lkqd.net/ Frame 4CD2 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:36 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame C2AF 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1636433736.cds125.am5.hn,1636433736.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame 147F 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1636433736.cds125.am5.hn,1636433736.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame C2AF 		105 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=39500132&m=&rtv=1&thost=www.nyasatimes.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
92d168e4d70f1f23515b66007b28a6c63ff88baf3c57acea6c7867def3b3565f

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
6899
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=39500132&m=&rtv=1&thost=www.nyasatimes.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:36 GMT
content-length
0
access-control-allow-origin
https://www.nyasatimes.com
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
cse_element__en.js
www.google.com/cse/static/element/cc267ab8871224bd/ 		121 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/cc267ab8871224bd/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6272874513322487:3507483757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:27:03 GMT
x-content-type-options
nosniff
age
458913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296486
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 21:05:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 03 Nov 2022 21:27:03 GMT
default+en.css
www.google.com/cse/static/element/cc267ab8871224bd/ 		41 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/cc267ab8871224bd/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6272874513322487:3507483757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:27:03 GMT
x-content-type-options
nosniff
age
458913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41474
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 21:05:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 03 Nov 2022 21:27:03 GMT
espresso.css
www.google.com/cse/static/style/look/v4/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/espresso.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6272874513322487:3507483757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:54:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1538
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 09 Nov 2021 05:44:32 GMT
cs
cs.lkqd.net/ Frame 147F 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 147F 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 147F 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 147F 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 147F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
pragma
no-cache
date
Tue, 09 Nov 2021 04:55:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 0558 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:36 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:36 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
v2dpr3s6w8XqBfiwmHOdLbax8-094EuAX4rUf2Cgx9Z73tvXfxWPKFOwR9cflGU0PtDEDGvO6Iri-kqYivOEh7_q-7tRcCnkxv2hu0cgfSMaRDqxzHge_iR3rmOznEyD4Uuxj0vQjDmnd9A
steadfastsystem.com/ 		216 B
614 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://steadfastsystem.com/v2dpr3s6w8XqBfiwmHOdLbax8-094EuAX4rUf2Cgx9Z73tvXfxWPKFOwR9cflGU0PtDEDGvO6Iri-kqYivOEh7_q-7tRcCnkxv2hu0cgfSMaRDqxzHge_iR3rmOznEyD4Uuxj0vQjDmnd9A
Requested by
Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2/0/otbsIu5B1ADm6WfVcR8Zc-iCydrinBppxVUROdXidoTBwND7orK255k9qWkc4OMCrnAaQRGw2U_34risbp8QI6bKAjw1UZplpM-c2QtQovHZdOw4ENyP1ir3Lxy71qmrlzdvynk_Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.90.190.35.bc.googleusercontent.com
Software
/
Resource Hash
56a891645535c936ef835703d0683570f99c8fb1a33adf440b72a117656f929f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.nyasatimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Tue, 09 Nov 2021 04:55:36 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
e00eae1c
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Tue, 09 Nov 2021 04:55:35 GMT
v2dpr3s6w8XqBfiwmHOdLbax8-094EuAX4rUf2Cgx9Z73tvXfxWPKFOwR9cflGU0PtDEDGvO6Iri-kqYivOEh7_q-7tRcCnkxv2hu0cgfSMaRDqxzHge_iR3rmOznEyD4Uuxj0vQjDmnd9A
steadfastsystem.com/ 		216 B
249 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://steadfastsystem.com/v2dpr3s6w8XqBfiwmHOdLbax8-094EuAX4rUf2Cgx9Z73tvXfxWPKFOwR9cflGU0PtDEDGvO6Iri-kqYivOEh7_q-7tRcCnkxv2hu0cgfSMaRDqxzHge_iR3rmOznEyD4Uuxj0vQjDmnd9A
Requested by
Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2/0/otbsIu5B1ADm6WfVcR8Zc-iCydrinBppxVUROdXidoTBwND7orK255k9qWkc4OMCrnAaQRGw2U_34risbp8QI6bKAjw1UZplpM-c2QtQovHZdOw4ENyP1ir3Lxy71qmrlzdvynk_Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.90.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ce264c6adce1673d25264e01b96689bf38b0644db3818a2777196b1916fb3be1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.nyasatimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Tue, 09 Nov 2021 04:55:36 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
e00eae1c
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Tue, 09 Nov 2021 04:55:35 GMT
/
adx.adform.net/adx/ 		65 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.nyasatimes.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
218945
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.nyasatimes.com%2F&cb=1220787203&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C54283961372527544011617855328%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:36 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000284
X-SpotX-Timing-SpotMarket
0.007360
X-SpotX-Timing-Page-Mux
0.000236
X-SpotX-Timing-Page-Require
0.000374
X-fe
115
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000028
Content-Length
77
X-SpotX-Timing-Page
0.013758
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000306
Last-Modified
Tue, 09 Nov 2021 04:55:36 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.007360
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.nyasatimes.com
X-SpotX-Timing-Page-Misc
0.005161
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=117332751&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=261733687&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2115138425&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
/
adx.adform.net/adx/ 		65 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fwww.nyasatimes.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C54283961372527544011195556296,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:36 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1636433736643021-569
Expires
Tue, 09 Nov 2021 04:55:36 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		992 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C54283961372527544011935234587%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
efacc9a3f56697c01f1ea5df01fb10f57339c266482602a7f72c6974b6facf34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
610
expires
Tue, 09 Nov 2021 04:55:36 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		991 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C6240666375428396137252754401%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
11926ef0ee1fb16028ad4290035a7c1ededeb5de6c81f4303f00200afd0a459a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
606
expires
Tue, 09 Nov 2021 04:55:36 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		991 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C5428396137252754401925154198%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9f172dd6356e55de434501a92869aa7fcef9628e7de6bb20adb931e1787ace3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Tue, 09 Nov 2021 04:55:36 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=101664817&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 09 Nov 2021 04:55:37 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:36 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
t
t.lkqd.net/ Frame 0558 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_d700fabb.js
vpaid.springserve.com/production/ Frame 19B7 		494 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_d700fabb.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7a00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01f62119d738e56887c7298650396be3edc28f9bd4b64af4c496048183172630

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 15:21:15 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 15:00:52 GMT
server
AmazonS3
age
912862
etag
W/"00394b9cabf75acc9a4061ae555e3473"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
a3otLk29K6oGxVM6Y9AMFosggMAgFYNnInEaUSmfUrh6eFV5wNvp8Q==
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
1x1.trans.gif
www.nyasatimes.com/wp-content/plugins/lazy-load/images/ 		42 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/plugins/lazy-load/images/1x1.trans.gif
Requested by
Host: 3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com
URL: https://3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34191
cf-polished
status=not_needed
content-length
42
last-modified
Thu, 13 Apr 2017 10:28:12 GMT
server
cloudflare
etag
"58ef52bc-2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QipEesGv1XJFBAS26ICNZ7Ce2Jp6dM5zmb7PHNnIhx2QZ%2Fgnf5wZnbwfoScNoPSeyfdfp0DCK%2FrTZin53UczrOFjnzZ%2FvmJEnyqGpHHPUiXU9ut0iGpMy8R0ZBz6yL84otARsm4yetIK%2BtD8L7FC0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ab47327ccd305e9-FRA
cf-bgj
imgq:85,h2pri
view
securepubads.g.doubleclick.net/pcs/ Frame 150E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQk-3nWSbYkzthhvBMKpaeZ33mDKjHBMKtvtegnuXRYhjxwagshvx8PJ3rgagpkDI_Hvf_dQr13IH3FI_0EfVImmkpd2vfpb_9HmvRAY-q09DzX53yDu2u18-dJY2LmR14xGBcn4bqZtMqQbulIV8XYkjODJEbjlGYjbxaSNmk6NxDUtm2OgoqKaoC0BmLAIpanKmaw9IPTaM40dz1_qLmWUzj6FmtGhTsMcgBeNyIRzFDIHmBkJ02rCjfmZkcC23G6Nm9jHxtkyCMsAXat1MGy8sYmbNsL8pR9aUaqJYkpitCjdRyQ-WVcIHNFPJQM8Ne-UtPKLh9W3RCeg&sai=AMfl-YTdOiOwbetB-hF9xaqRe2pC11cA6HptQA0xBDhzs1Vee5M1szwMhIIVduo1nCuiIjFva3BfCShPDKtUUhAMCjEf4KeKMzSqYTKN6SlEZINMZufois0KBcOtnHQWE44&sig=Cg0ArKJSzGPjfkMoQo77EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 150E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:34:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 150E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:36:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 150E 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:36 GMT
8170038213744221869
tpc.googlesyndication.com/simgad/ Frame 150E 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8170038213744221869
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
184290078a24baa7e14ebe5b363ef81ee19438641c12f17128f3c8cc6a691c15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 06:26:18 GMT
x-content-type-options
nosniff
age
426559
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71807
x-xss-protection
0
last-modified
Sun, 26 Apr 2020 23:08:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 06:26:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 20BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFGcIFftYa9m62mM_Thcks9TAU6rUYY7c9sbY0leTSwLlZqTPqB3PlnmmUe3ON8VTN-iEvByviytaksxBvc4ajMlW9v6GhsU4KA_tutdnGBske-8einNoVRQjnN1SBwd0MGGjGrLckv2HIZxmzhoQcfvp2iiq-4HRxOq7EBIZOhsj1T57MdJDnfJTmG97LhEfvrfuEJNepXqIYeT4nOEo-i4vHNm3pyCSPMdZcwJKC-8DdzoZzAwiouDyb9I1B0QFlrGh8wEMEOaaDbps0EI0g6rbrg-TwnGkCqDxi-VhpBWLe-KiyP2TYf7WXeuPNo7hKQcP1mSre-oE3ve4&sai=AMfl-YTSNI2lAWKetgTm8J96rYYQtGOaxsVRFy4XFnR8eaTWuXUY1kCpEnPCNUZZO52fRZhuX9DTkIH8hYBCIarwiEfG-OQdbM0KJCTgNMatc2i2LLmlDF-VIZ5Az60OUHs&sig=Cg0ArKJSzDSwDqL0sDeMEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 20BD 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:34:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 20BD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:36:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 20BD 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:37 GMT
3202367890885300938
tpc.googlesyndication.com/simgad/ Frame 20BD 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3202367890885300938
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
a7e5500431c24168010ba54cbe85905df1e2e63b47f431f944e69675ea2b8d3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 18:34:20 GMT
x-content-type-options
nosniff
age
382877
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70841
x-xss-protection
0
last-modified
Sun, 26 Apr 2020 23:13:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 18:34:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5938 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuV2xw636iG46y0EzWSxJ7beV5RDh2S7EmWZGuhfixn-eB50X50z9oYOEphNo60RCR6Jtep73FYfsPCsv1P6cVTiLOrJV6PuFiOPRK7PCBpf5zkx8C2fssUvs3jIBMjKDPzuLKBAeCcw4iJdqnP6FsSAv11mkPH2ZpBspa8TdjLfR-IfHu_A0539394n9FMDlGav46YVJxBlJ80Po-1CiAyQkEH9JTjo2fSjmSTNfxMXFDey2ot7AKl0-svfV_X4NCoQ7hri0TpOQ5UjgxZX6XWtD2W8Yn1Efy_XV3G99cacII0HXJLsvjcKb1xmO5t_4uufTsC6Rcf7Mj8eUA&sai=AMfl-YSjRXemHjd6M1vm7KlQqU-XWneEks7gKbIvKD46XWWaYa_L4nnN7COP4aJ5sKzpItmkyA-_kkTBer6iUa0TOcXaKck078NbAGV6pFtykzrpyMb5jouTuFrhrnu31YI&sig=Cg0ArKJSzP7WxA_mQsxsEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 5938 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:34:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 5938 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:36:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5938 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:37 GMT
l
www.google.com/ads/measurement/ Frame 5938 		0
0
7500669821671018884
tpc.googlesyndication.com/simgad/ Frame 5938 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7500669821671018884
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
7ffe586addccf18e03d73707710f8447910a27fedef92caa3c624cbfbdc05202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 12:14:30 GMT
x-content-type-options
nosniff
age
405667
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62481
x-xss-protection
0
last-modified
Mon, 29 Mar 2021 23:21:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 12:14:30 GMT
container.html
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C2B1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 09 Nov 2021 04:55:36 GMT
expires
Wed, 09 Nov 2022 04:55:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C8C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 09 Nov 2021 04:55:36 GMT
expires
Wed, 09 Nov 2022 04:55:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3C29 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 09 Nov 2021 04:55:36 GMT
expires
Wed, 09 Nov 2022 04:55:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012110042008000/ Frame 3614 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55667
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11904075b70ba1a0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 3614 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4996
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"01e91d40c144b6bf"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 3614 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28494
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a5e24beaf7c9a504"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 3614 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1635
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dff2522b082c9ee5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 3614 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12816
x-xss-protection
0
server
sffe
date
Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a05f1a8ea5ea134"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Nov 2022 16:07:24 GMT
truncated
/ Frame 3614 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f861e6867b352476bb1266770ca67d64e80c0dec0f860eb9c9dcc53c4df46b76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame DEC4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstMiVupRG40vn9g8kZAkK94FFkPs1Kfe0D7vqJA2_f_EbtVMlgc8CGSSJa6xWU-n1si5e_ZA6SndTRNy09eSWm8wkKlg4HW0fyYNRWk2bBHB4totqWFLUZOTzRME2JO8mS1ILhhbSFl21qv4I1tzee8FnUgPMMUo2cC3FisicvLPmZw0L60rDxPvCDAT4q6nA34rdIb5Wue47u0_aVLY03vxUkBVZgNulhhC6FIvUHgS5JqHcWoaFGZni67_0HBNtWHbx2ZtlyIJkN57JzVR_mKGeGuRGG_T9J7R9qXD20YrOIG8TPa4W3N6r1TKDZXZTAIMsaZToF5BBO&sai=AMfl-YT9mjMhm0nMRI7WoIrSHs-tuqUnTc4ImXsQtxkuovgaaDSXq8v8cv5Gv4JZSfFPBjpqljcaNY9RBvhn-LlGmj7KRBgKpU_BhkA7IHNzwKKMBpSD84axDfIemqMyzcA&sig=Cg0ArKJSzNz126IrOw5YEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame DEC4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:34:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame DEC4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:36:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DEC4 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:37 GMT
l
www.google.com/ads/measurement/ Frame DEC4 		0
0
17061994938533516320
tpc.googlesyndication.com/simgad/ Frame DEC4 		290 KB
290 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17061994938533516320
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
2c60b0d0f8276d4bc045cd7242d126a03d27a57ac4026c95448949c1fa61bcdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 19:35:40 GMT
x-content-type-options
nosniff
age
206397
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
297065
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 22:27:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 06 Nov 2022 19:35:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AADE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_u7As4OdmoNVyzXElZJoMXtDeJ7QpbzLpOlM55VDIf-oWCVbj_j_gfDBqItoKKBNFsAL4t1nThH7LYojfLD6gZuT2eZoK7ocCKja8XcRCLvTXfuJGEbLAwmgqwt_rbmixJQg38RgLN-1KEt_ZQ0u8jqsm15QwcYTYScOo_6tcckYFtd6kK9J-Ap89RIglxCPmYWj3TwsK5_G-pYquhuTvfzo-JNh9LtawVsBACsqarpsuE1BHWE9iNTg_CAcmZVv1X67-JTzIoUGtDI3RBZuYucpth2kgt4wgiXUOJc-_CTXYY17zsHtU-ydsTMcLdPIfHhDHwmhq8AvS&sai=AMfl-YSX1cvLUgTpSEhps0kwL6z7sb03AHBTm3D_03I1WuLkDC-w8n3LDAFZckJ83KRh6HnT0RswUNaZn_UZ30Ipw7B6_pNSE9JQKB0AGjriwGnxJjq3sK7vrGn9x5F7NFc&sig=Cg0ArKJSzLodwUHT2JqpEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame AADE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:34:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame AADE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:36:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AADE 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:37 GMT
l
www.google.com/ads/measurement/ Frame AADE 		0
0
4982466931251039870
tpc.googlesyndication.com/simgad/ Frame AADE 		202 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4982466931251039870
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
9f1b709da2be9a270c5d027fa0dc80ca552cea41f4f0308aad85c9158dd46fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 06:26:18 GMT
x-content-type-options
nosniff
age
426559
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206672
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 22:27:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 06:26:18 GMT
container.html
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 40B1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 09 Nov 2021 04:55:36 GMT
expires
Wed, 09 Nov 2022 04:55:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 3388 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNvSUutw53x1fst7YKY_G3vHsR9OQUASVyPvtzjO4Tq5g6yv1qY3O9qfPHLN8lk69WtOW2CchhO_uZZSrSLWTWTR1h52UehdopZnWg70LVmRanymC_cY_NcFpwi31Pjo1YAalUnuuWuxysiP_EN48Nf--wLc6tKFqz0T3GRo78HBW0M3PVul1kjS_WWPOMtGKwRYGCN6Q5-VMZjFlesyl5nCfaGk_jGSEqq7DBKOvjnADD0I2_bz9gF4l7f4yLnGLrdddAPPxQd8uFKyYaWli_bnVOOn7eTGNDgMi8dBj9jLVHxr5yqyo60BYfMcxccJHsUy9jnGRr&sai=AMfl-YSb1fKIs56IGnKriVW2kneQmoJAa82WfaEHtuDxU1no3wNrAo-D7nWB1NoqVdEOeC9XR70CWY_trhmo6vSQ3u7t_SNqy-TkqMInUpKgoGtol0ZWgditiGoBZ3TTn8Q&sig=Cg0ArKJSzDDvyCFZbCVLEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 3388 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:34:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 3388 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:36:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3388 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:37 GMT
8401472893931236538
tpc.googlesyndication.com/simgad/ Frame 3388 		243 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8401472893931236538
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
d3e699b6f190e46ca23cee1bb2a76726329d04de23028d01e4a57bb56ad6e953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 02:55:22 GMT
x-content-type-options
nosniff
age
7215
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249148
x-xss-protection
0
last-modified
Wed, 20 Jan 2021 02:32:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Nov 2022 02:55:22 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 09AC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4Wz8VbcYcLWwA88aQxTqe9y9UA4TKglq5EOhTmiurC46cPzSrIMBfpJDDaD-9yFsiKKmfUEAg82ZsQQAU2Yu5Ga3mI0cIkcVmkTeGpK7e5aiOr2xsjB_Xa2-A48AaR3moTNw9pQOPSQlsiSLijvGcGOeHTTDljmWj8V5A72Up53J9kGpwKCxlHooEYxH9vyUAlP3JRT1so5nC76VC2J8TniZffZ7ejwlA-r9gx1uSxb91ziPJ4fXYllgqUsQkAeJ2pEeVI-tKOSaB-C4S7H_CmGd7eWecp4_t94wJSta0da4EoAkWypHuqXdaalivUSQZwmxjaf1bQA&sai=AMfl-YTMyJ2PTyrW07qWDk5RRC9P4ikyd_Il1g6BfzEn5ypln8ZYg41rRR9SYnKyTOvXvljMB6wureDQZBTMyNBdCRe8W12Cs3qV2RZXu6svCgkZat-J_pfr1ViIZBaLa6k&sig=Cg0ArKJSzLdICM3Qz2_rEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 09AC 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:34:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 09AC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:36:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 09AC 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:37 GMT
l
www.google.com/ads/measurement/ Frame 09AC 		0
0
2033636757353694572
tpc.googlesyndication.com/simgad/ Frame 09AC 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2033636757353694572
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
da1c6567cc193bc82d8712e9382afba88eaad8ed7721dcff7cfe09fdcccfa549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 17:15:35 GMT
x-content-type-options
nosniff
age
128402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17359
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 06:45:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 07 Nov 2022 17:15:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9D4B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgq0WNRo-ZarYmWY1RBg0HQbXsWkHGXSVQ2EunCfsvP51at6pBo9Muluxb_zm7jin0MondU2x8P7FVcrbAJCPGKLwL4jxu1P-RYu3Xatw9j5lL5-CTgks4pqeoJSRU06ezDc1V1qYEv0c2xafMZyrBHnmaQ7sUUUqYAjWJOdzaZsN5J588Av07_d4lDYR5fcUYrM-1CLMtJdzvbACy41yYY4SMvEWq-Top3sFAmKoOknjRFw7QJBm4uM9U4l8Xx1GPD8nMMx2SjHq9i1ML7N6qsvoJCtl8WKZsR3Ri9WHxQ31tNp9tKgTZ6ec31slE_bQ3Rj248iYfAHY&sai=AMfl-YRKq8olFtZxT96MnlIv4sGqZCqcUrF7xLiVtDduYCeQHy12ebPqPlHOKjZ1FYB2bwLEy7-1_lzl4CSkWLnEiOrRm3wu2-e5oYWnQrMUH4U6G0rBzs0LYBoDByqMKPs&sig=Cg0ArKJSzNwMMGe5a2O_EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 9D4B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:34:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 9D4B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:36:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9D4B 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:37 GMT
l
www.google.com/ads/measurement/ Frame 9D4B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaShkKeUhR7YiVvgFnaKMx6EtFtf4fcOsFfNyGhZ2r75JiFKDezUGJvbFXdv-q5DOjXEe_xWHsxw-9w-Fi57ZsMdZGFcEQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
18285722981582764222
tpc.googlesyndication.com/simgad/ Frame 9D4B 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18285722981582764222
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
1c0790065c5ca7fbbd2f08bb508e0f79bee3d0ce2e74a1d2213a1a18ab50d339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 08:19:31 GMT
x-content-type-options
nosniff
age
333366
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90297
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 11:27:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Nov 2022 08:19:31 GMT
container.html
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 560D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 09 Nov 2021 04:55:36 GMT
expires
Wed, 09 Nov 2022 04:55:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4766563120472053331
tpc.googlesyndication.com/daca_images/simgad/ Frame 3614 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/4766563120472053331
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
cd985f03c9f87649112b373b06ac45d718c00afe0d4e40c3c6fded0c077190bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 01:05:56 GMT
x-content-type-options
nosniff
age
445781
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75706
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 15:12:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 01:05:56 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3614 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 17:51:59 GMT
x-content-type-options
nosniff
server
cafe
age
39818
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 09 Nov 2021 17:51:59 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3614 		295 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 02:57:40 GMT
x-content-type-options
nosniff
server
cafe
age
7077
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 10 Nov 2021 02:57:40 GMT
l
www.google.com/ads/measurement/ Frame 3614 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTvWGYW5wfwOKvz2HyxtPqd91sZvMLwf-IlapkNAJxPpHvWHZ6RynEq4Vc79cCSUAEv9XZxy2ulC8-H9FffLwE1TIfCMg
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 3614 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CH7m5SP-JYd6VBOSS7_UP3ZmQwAqyvpSZZsGQ5sf4DtvZHhABIL7_sQpgleKQgqAHoAGcr_uoAsgBAuACAKgDAcgDCKoEqQJP0EDct6aso06OUjJ4k9-BY4hCZc5SOCaHGiZIn-94_oHk4KCqLHkPbfCYrI7JTYys5_yk0euxb8-5TRNssZ7B2yuvK2rU6gXVuXdjXR97K1oIdHe4pfRl4Z98YeN_snYb2K2oVoLCrx0C_n5FdvCWFcjt7gslVGMY8GobfHA9GRbP5P66tcs__1VB2A1TOrNcx40V1FpoZ-hS-8RfyIx_d4jB8_Zc2Rb4Gq3EkWpUy8licj_8Uuwb8h_4GRu2OBSdcR1FLh05ZY6t1TzFzoIb6Gkf6KuAPEfjUooRZ7mB6f7j0llm5plzh6aAmUR4HZV491Q2FWxeImsP0_xYXT9UN5OWbvFefcN7scvyjuVTqTalOa485vw7ZEd1BBqFeR3nqccL-Dp55oHABO79qOncA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRDxucEB0ggJCIjhgBAQARgdgAoByAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTYyNzI4NzQ1MTMzMjI0ODcYmoEP&sigh=yy6XWEezvlQ&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
t
t.lkqd.net/ Frame 0558 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:37 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
bulk
trc.taboola.com/nyasatimes/log/3/ 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/nyasatimes/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211108-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nyasatimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
via
1.1 varnish
server
nginx
x-timer
S1636433737.076291,VS0,VE8
x-served-by
cache-hhn4069-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 19B7 		962 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433736609,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5e6eccb66445643438a1cc22004f474446c8001bfd3ab2ac604b75d118d744df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
589
expires
Tue, 09 Nov 2021 04:55:37 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 19B7 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 19B7 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9eff6646bd5b958b49a066b9670a4a1c63e704294c5d0981ae7fb408387ded38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:37 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a9a79662-8cde-48dc-a244-a1e71a3e8574
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 19B7 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
21c0ae20fc96494f08d1077e4459826f8dc837e64d700140f801530fbdb9b3b9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:37 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
53013b60-eae9-42ab-b471-f7725b1778e9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
18539
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
zqMTRpifsl7n57rrmbauTpy15dj75+/Yr9THvoBu2iu20NuAVBrIbTIB+OLFF3ceJPrHp0hsBJU=
x-served-by
cache-hhn4069-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1636433737.132405,VS0,VE0
date
Tue, 09 Nov 2021 04:55:37 GMT
x-amz-request-id
PDAX0NJ0ZCYB7FMQ
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
3
x-cache-hits
825
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 3D85 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433736609,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3324 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433736609,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87044
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:37 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3D85 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433736609,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87044
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3324 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74146105&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
54c576210d6bf2015a3956e456d0c1a3a79fa31d658a79fffd73dcf418e3c077

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame CA18
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:37 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Tue, 09 Nov 2021 04:55:37 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 2E17
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5649455818980043838
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5649455818980043838
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:37 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug016:0:433
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5649455818980043838
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame F019 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Tue, 09 Nov 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
482077
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3324
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qv20G-isSp-kIiJBC84r0Q%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=89149
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 10 Nov 2021 05:41:26 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 3324
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8e806189-ff49-4f00-818e-d1eaebf3619c
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8e806189-ff49-4f00-818e-d1eaebf3619c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 09 Nov 2021 04:55:37 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x12 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8e806189-ff49-4f00-818e-d1eaebf3619c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 09 Nov 2021 04:55:36 GMT
/
pixel.onaudience.com/ Frame 3324
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3ecc42ef4dd5082f9e07e941e157487f
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 3324
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUFGREI0MUItRThBQy00QTlGLUE0MjItMjI0MTBCQ0UyQkQx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:382
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3324
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELU8enLxENvw5QujXWiAYE4&google_cver=1
42 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELU8enLxENvw5QujXWiAYE4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:390
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELU8enLxENvw5QujXWiAYE4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 3324 		43 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 08 Nov 2021 04:55:37 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3324
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f2636189-ff49-4300-a8a8-3c29f45d21f7&gdpr=0&gdpr_consent=
42 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f2636189-ff49-4300-a8a8-3c29f45d21f7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:35 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:410
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 09 Nov 2021 04:55:37 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x14 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f2636189-ff49-4300-a8a8-3c29f45d21f7&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 09 Nov 2021 04:55:36 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3324
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d698b73d-77bd-436e-abfb-366d9d32e243
42 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d698b73d-77bd-436e-abfb-366d9d32e243
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:332
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d698b73d-77bd-436e-abfb-366d9d32e243
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 3324
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=64795979698098495
42 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=64795979698098495
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:36 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:325
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=64795979698098495
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame 3324
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6956644907051674345&gdpr=0&gdpr_consent=
42 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6956644907051674345&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:440
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:37 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b176b29e-bbd3-43ed-9213-c3b645ba689c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6956644907051674345&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3324
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=lC0ZNcR6FTWPKEM7lHkMOsN-FDSPKEU9kHnftxCo
42 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=lC0ZNcR6FTWPKEM7lHkMOsN-FDSPKEU9kHnftxCo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:434
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=lC0ZNcR6FTWPKEM7lHkMOsN-FDSPKEU9kHnftxCo
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C2B1 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46063
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 08 Nov 2022 16:07:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C2B1 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80d93d1c7646923d44963a0418715b693c6b7e0f9c71f851e7556f15095f6c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51345
x-xss-protection
0
server
cafe
etag
16556017517243641232
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 04:55:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C2B1 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:37 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6C8C 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46063
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 08 Nov 2022 16:07:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 6C8C 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80d93d1c7646923d44963a0418715b693c6b7e0f9c71f851e7556f15095f6c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51345
x-xss-protection
0
server
cafe
etag
16556017517243641232
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 04:55:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C8C 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:37 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 602A 		624 B
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChDJgxMYqsOXuQEwAQ&v=APEucNXBPmOBgh5AkuHpuatjJRp12ycMfH-E52u5RwofqN0AiHYW2ApmBVQdQQ2qMxJpKawVjhw04NsjXnOrw4tTzYpL5Rv5ji9xKxh28cZVvOh2TOuUwPf8GJJTVzi8tqQc9Dj73WNRy-TuMKxyPfB5q13nOQfwxfkyl3UU3laKv4lpHmcEOT4
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 09 Nov 2021 04:55:37 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 3C29 		73 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C659Uo6PhGOa1TdQmlgnPaN8IQWwEWXgqs-P0at0LR2BxOIsmPwiml2awl8ZsGukYm5sbvjnqi9iCogd6Cbh8S8elEN8teAYd3Lu6_X8i1Il_rZhJxJ2GKVUSL1pXbotmmg3edVKUiPlm_I_sNZvpoJSrW2g&dbm_d=AKAmf-BJJaLo8CqkmRm5Bck1ojmjNjmcweHRmuzjZk-KSgB3keSIqPg5iLrFOdVVbWkb2XkKIEQt-WvTiPgzFZFfbgpRlVIgrBuNkLYBTeMe-0jELwq2WtXCZOOB65nqA-nJzEgj-oLnzDaA6dP60dWBHQih2k5gfgcQIA8Dh27HSi7pPKUXXKOW_d4_CGBibL3UtWG3dtsjD-fTzaS6FAkYaDWTGBsv8adUdQr-uO4NLNKHLQItHL32N7jaXE0w8CuwrMqEwyH4asMfXQEhnt-Azg8EoQa4E8o3-pSpMO-tlaERVBQ1mG3oY67kDxKmN-1B_-PPt8WQChK8D3HCKV2L4BLLrQbinDAfSns_XW7c2yiwbMyUE1VXIbjc3TlxS-eIOcqAhqYVJJT0bq0vL4t6p8k3yGZlhRiKxKIROXNeeqsYZM9wRRkY0T1hlUm4ef-K3M5tvOEvq-cYmZwHr_JI1Ym4L2OC_D9hYL2invwFpIVpKJNQi5L6_VoFbcMF_5hRblyLWYtCMDdv05iZSiSw-Xgqi5Rv34Nw3dHmoRnwYG7egtSAMkR3eL1ReRvpXafQU6WIX_iQ6T3oXytdNBNw_pBxc_D0t75hfJxY_PyXW-v0gVaa4C67kdeVCBXF1_M2Q_IFDpBCHfDsHTSRH0v-vPdPgZbb6jRSFjZwaId91q8v8FG18qHBoGWPKTjnFlrlOPJiSU4QaLZcCwRhvMZFpp5MbFy2-SmFR1Jpu6xTivx082-lt4ZmFNDzkY8QRqcwHfwJj3LImoRhclM0NpBt35mlxFVf2tBQnv0h5ZoWFzHOrsWuy7iI1biDFnCW_mWS6R1i6LvD7min_dNhFyM1Zy8vjF3SEr7MAtsROwXW0TYc5OTZoQTGCM0qcYEgTSoMhA0JDp1FDtqEtKN-FxjytLGKzrdy2KXp3M6xL8Etr-9-DP7Eel4fUnVtfQ9xzXk3KW2iJX_AglgLE7n74uHJZQXSTO6bgxjCpTtkCgc4e0kTjf9T7cwx8GY6AwMlcp__KYJIdXD0snGPcb4_nE4mSVdVWF3R9u9tLG9UIRu3MtjQ2TPbaudl86vSPizAlDHvfQ6UPNV8hjkE_GUBCL6CVgl3RIfBL_I1k9oe6Mc3_mVLiiRq-KQ7sJlIVjhb8pdPe8HtA8OZZ0P-cFc0lMk6ekzeixAEHtO82DEgLQ5TnGbk6x4YbQ8q4ym28HLhtXFtQJcbhufXTAo5g3c18clSplBmEnQP2TVgS1VtAt9Ptrh0FqK0RJAO2u9QlYAWIGw2V9Q0HIZN69DftDdGhTfFl-kTOkeIMvrShygYWskSuLoqvjVbCZB-d31qhb2YdB9OXfenM8D_8Q1oj_7BvcmB57jlDSg9vj7bW4KFn8dDiOBNPBFkVubQjd0Jwt8hd9a9fnkItsdJ7ztfJYCMEeQtF7KJP-5rb4hPqZWawa5u9ze7jF2vpbtwOssYhJVc8o-VQNUVm8v9QhOlQA4z6P1FJsoOup_cImFxu9WIJFJWUqdzH2suIUFzxZt49wgKOVjsqEhw-Y_CqipcunKLWTKiLYbckQoWdjfX7Z9UqpbZH7L60CDsX160obKSbUjYplqYiHVWOIv5a_8kXbTkIdlKDFm_7j_FWZzV0NziQwbTwTalUUIgGXPBUcWZRCPN07zeS7PC5bPYQFhyQPAQvtAOEoQwMxWRiY-LYyuMk-d0c059xELq4-o6-Ky-LDs_XNMwgUUM6CdrrhHNKF1Dh1QNUnmj-lWDdX3DbzV3tqxgCasqGTqZNrLB-UDlKzFZcupyRg8cuKWxV8RrhjVZxv0YykhlXiDKA7DGQ3VgCC_TnqTa8I6ksMjhexkTMtAVSVhSUooUJpae3Kw60bTOFyPpBmQxWPErcbgMgVHB_OhHbwGe9-HqJGW_29aFy2p9fyPiMfFcUkAVGTh3JrR7xwgDFVni9Qws_5IhPn6VetZD3HBWi3RQt3PGZMH9M3bAM-uwdBBWpxCBSK0SdH9EquSIrTAb35ItTrjf_DKU3cYPVlEka1_OQTs9ZWx9gyjE05DJZ50I_XaYhFYTJ7wfz8w_3p4h1rml4ecAGB8aNNDLTmOtqUjSgfloKDRyuFAaUuTpNHllkI-e1cj1UhadpMJ0Ue00aMRsW9nacodcFlXIZnbeBigsK7ATC8t0w7ijGjnWuC3U14j6x1PwaCFgPar0fmnpAYY9-lmxoHO-QXfDmzqYRSNQKteJ7oPV2cvqqhyNgiWP4E4U0TMpUU89RryN6Kh4G6o4R5-dBq8L_kNbZ8jFMazj-ydRW2JfBpvvj-zuwAnpBu5FX-2HcvSQA7Zn2_5cCvKf7x9yJ1VnxAnNPB8HrHjimJpxJAbVt4ZDdIq90WCbdWEWoVkD17j3arKbLifvDZqM-F3CsqPoWbsKq44uYdwIJtau9SYHakZONA4icpI4Q1FRdEMztldHa0RxeB3nfiCMz4fVSAUu5umeFKgBmcOylC7i6k0x9nks8LAr9iDJM3iwjX9OH0jsU5LC6ZBh_6bM1whUJuoeqBsS36gJcb9DVJY7C5Oel9YZPaYJMukWegMou1T4KBjT3ie_LB1-dkdRFM4_1bOcncJGuBmLFhzz53Aq2qKQwqytmbgwzqWN0xvYDLW2sCVw46LtultrkntXDR8pLvlJGWihsUAOoRKxg1YvGENnwoAdnmRwwkSddURaxqU9eVKgE9YylQs-4kVF3x8_w4ME-Ymr92ZDLTMGMP8mQ5xMOSHL-tlGeIEe2Mi4cX9_PhHWy-zP6qexEQQIe5226N3-GEaDVMblsGS0S1Lcr9vTkRxmMOwS-IiWTb4rEwyJsiKakmKK6uTHvSyfJ2EwaN_Bvfj-cT6xYuZf3dh6j1SbSN4aR6yFU51SO8jyWMg_wpG2ig0_oLLpZCosCVQfe4qwjJzAPL6fT9z8TvIuKnJQ5vPDauZhiEo1KUdiXK4WZOpQRIqOezhx86VcJQx2iGZPWKLx0M2BxrbstLbgAZ02-7pmTBkY1eYepjltNBREaIalUELInK2aljb_IQbqU4Hz7atqom1lYBCxCkmVP3sQ_HHwIMYokDKhdOqmR7y4c0aTSbnxmI3_Tkdsqtz9Fa87xHd9-P03iRfgS9W_Xwxl8kLU0RH84Ra57GZYMIAQhwcoQgUVlj6--gJEzIy79cxdIwa28sOoZLWIRec&cid=CAASFeRoZtYQO9Lksh31CHQ8Skf30nfd1g&rfl=1%2Chttps%253A%252F%252Fwww.nyasatimes.com%252F%240
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
c2a05bda128bd86f40100b8588b3b3bf55275b8927a69fcc7536ed45da91b366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29841
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C29 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cl4353dn3B9Ql0sH7ZmBx7GCzXNC5-dE5XSf7G93MIy3lY-PqBQBU4AxNh_qxL9N1SCiH9789MoVG8bVNEIYD4bsQc_axMxrOVy8wi3NyVqX1Lw6k
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 3C29 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:36:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3C29 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 3C29 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 03:58:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3415
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 03:58:42 GMT
l
www.google.com/ads/measurement/ Frame 3C29 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQEWS40hxQG4ClOeP-6N9dXmImsHSVIgUcXCOszE_LAdrQVKc-NapOyE3lXQrvRQVmxpn9NNc9PC6yEx43afOw37MmMAA
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 40B1 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46063
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 08 Nov 2022 16:07:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 40B1 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5499db61e4f6f271d822a1a8d5c85e5545fd47ecb2e4b143c36203b39275a5d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51350
x-xss-protection
0
server
cafe
etag
2313239273322989329
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 04:55:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 40B1 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:37 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1D51 		640 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUOSbLtzXC-pKJut9jFAh_Zux5dFZElZ39hawGzxiD45PSLaKReJUEZpEgElxrubCDvw7YI1NPdzPyKBIf9h2sOoNqLjcSGNbRNQ14FhS8hB1RjHT2tOOJAf_KsAbfmgkWStWS5q7QsRqL4_GH22hN6b0YjerbyaXRVCwOrVVBbvWjuj-M
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 09 Nov 2021 04:55:37 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 560D 		26 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeJUT7f7T82RRcDLfYge86MuN_IAf-p0gPJ83VvyOzBm0RYXpIiDn7XkZaIhI0fGrc5swWq_P0_FWfDX6kNQXRQO9dGTcuKrX1nq5xSNbOBgVMUUykbl-616249J1DaE9J4F3qSowj0N9RP3OPzqCl1qEKiA&cry=1&dbm_d=AKAmf-CzQAIn0BcNM4cLdgJYw3MlbJJxSwvmosJs60iph7leTgrcVhFg-BqWb9od5BwoYwbAulFtQWnZbjg_-ELN3Wmt_VdQj7NRFHC0xkLpLGgdh65Q-HjuM14V7CXe7QbhfoVj6eCiYSP5LVDNVg_O1fu5AETOq_StQ7FXVsWIAYzIdfLzHlZFGZOqSM5b9qgJ27liE-x1AnbQaatLY3PPO9BN9YTXn9pk4tiwq80zfy1nyMEcxGXwLTeKfdCrCo6bRgvXUSpMsM2VYe5pEnWIfkTQ9Dz-RMr1UH358QaGL8Rt7mR6JZqJljM9quoA-GTAyz4p1Jcl8FxiDLfck2zhnngKR_ry0J4nXJ5KcNNuiLJuL1Kozfc4YNA8-ASho5zk3eAjgI43ABrmVTXVs39Peij044BjZh4dB_mBB94To-TGiYWC2iQycBByBU27hopJq0LKqST4pVojyuiNDXT-SRyYSueEAOAaA2qVHTEsqJgKKB6BTEkpUsuwHzqS_T8zV1lMqXU0CrvYHe7j55aaK848jT6hEyMEeV5QKhmKFo78CiAgeonAVX0HQqoHlR92l9WM2K1j8huVOXtRdGK3IS1-gUmkBufCbPQpGQboVSu14wDm_Kd0Ys4G9nBSgQkzlG620lzN_mYLJ8RVoUNd6lxZZaGWSQq1iOAQ70S4L3myVZYnMOPgareI2V2U2Z2DBvGr6_FqWvVFFoqt11inwZMJlG92kOSpLnQbWDoH0ZeOlTLVl0uznLJPzHGF5cN_J--U8ZhFy-eGABYti3PL9aqUmF1rg_EGe1w9mt1DgVccuHnPxw0hcWZ3iCWIf5wC1cjJJQ8wiQ7TCKhBtYWHt3EdMoYXuZpw1IF0Q4Eu28GuBVFy_yzsrhdiJbV3uLvwb-IbZXyQMFSyfKlQENktnviO-e_TKHxNj-X_-G62SAZMMBerfUfK4Uimony-OtkI8qZN8-gUuL7imBe7p6IhxN-XW85Z_63wYCx8qHYk9nJyhjmLGvz7I7ydQ66HIWx7wXHPxvVSlUVk58kjIVQX7-2w3qqqRh0DI_ZTgLjsuTFKrY14ncpdAXMenfppSxAbyL59rK1eKkA1Q-xVDaddUx8tIZ1_rfL3oM-kI8nBicEO0z8rwhlGwnFgvgwSkH1lbZk2VCBLT-w-IZ8ZqxYgfsJSXHv847f-7BY4ByRe7h4Jyc-ZUvCSr8K8WwrFol8m3un1H4QwY7wFVmD1fR_ha5ceU8i4_-Gg3l86fEGEHjwn66CAItrw2nVCDTBuN3jh1i9hr04s2fEFrQYLYwnIPzutBzm4pPzbC_x7aKytcKtUfGn9MPFnHjMWiSlaWoCASyVO-8uojcZy2eYfAn-geIf-NxqZVefcvdWowC6MqY77r6b3ZJDG0yEvLtlNShLVc8QmIJR75nXdBlyfjQ2gIwfXOFB-kRGoFPEz47pXbix2omJP07eZNGWfWY54pp1TR8zYQhznXkz-MbdETogiGZjyR2vhnBOHPf1e8ge5bKyv4s_LpRd93a50EMhwCJO_NOBK45M16PThkrmYM6Zz4qfM6ZcZokIcnD_tkV2xX8E4iwUEuFeb6hfcQ-cQdXxQl8xn4XtD4WGlIEi8scXXyfAmetIuXYhfTyqaft7ylOUqHXM2LO16tIYcOJKpB9E3AetUpwX1SQNOlcQ7RNdjXqJFUi2Jbh-sDJWnfDWaJGUvPqoPickoA5IeDnVGdBmAJI2n7hlXSHstdw8AcyfsMKN9pOo6kMVnk1LDkn71icGlabeAa6Q-zPFVOyQwUS8-LELnfGEqoZKjzpZSZZIjaWO3OFQGddo9Ab2rl84JY2pq_OgBGRv3HzvPn6G4nXF9Y5jcx40_GBe3s14o0-YvWgTHBKm-SuToHpnZxxj2t9yRwrhhv8ekNIkSI9Fop9H6Y8g8QkH4ySa07VZPl_RDkDBQT9zIr26wUT7CPtEN9JCkeqE-LtwWk_0qTEJUTCuY-WEYqtknP1WsqDuipSWK8u8fNme62bLvWt75AyBQe-sMXBimlYbYIwb9DkGZwsp_8WPTOzbTwwbz6ujmE6OE1rKxN1xscdZtZYNGSdvhmjjRhw9LscQewoLmWhzPozKl_uY_9ij1DKAfgeOygF1wNgjeJm_HVdafrrhdoD_wAUeBdlB0EUFNtgbHdY2OHj0y_mEpah2X33VvJv7hMVtj1ovKBmZ8XyZdmJ4pU8iAe2G6fG0oNh83rj6r0RqPMxsPiIGlOI0i0RZMt45e6PuihJMSEDqMzyL2FsMwnLrEx9tP3UbwsReqmtUM7ysPv71amanHFJ_hANGoz2auSgQOvaopXSNlA1KTyZ0ft2PjZJLkWJ-L1gtiwXJeuUbcHisnP-RJyz0gd7ITiBMebClwHrYcrelFaIC2L3Syu0iuBhdprp6nV5ulWJchsTRxn6f3nEnukjRyWJZB_HcY_xVKeZ5sDaTXhoGHpWum3Qf5ik0lg4I1IFRXPZTY7BB7-tUu9hYiwhH4JQGPSISaaWpqOlgNyTAalXvhNX7gyAzOGXMXmNfAT4vonPbdAaC4IyTQpH4iLFfmA6rNPJmqWRMZ89Cjx59rCPhuvkAwJdkXq8QRXnNCHpH4dhyhqUMXmTGMx9xpsJnNHLFDd311g2bUDQUckuzQCLwZLdr-FHkVEut9ipEJCjGBxp3H6NBcyd6Q7EgOXi0gxHekqBoKL5jTGWhF351bNjRP0kBFSGwZtyErEjy6xkhyZ9Tx9j9-UHVEURHRuYrihNFxHlF6mbiNKf-0flFM8nkmBYLikENKnf3smgr0NZqQTs6B0N4-kYKv4f9YQmQfP5_gDopkMDcoHIFOKGZ7aJfkonfdofeeoq64adehx1LAHG1E6SPX0mh43hJq0G6yP7o3he2LKze1NApTNWIYAIM_lxxH6CVkCU1uyHLcyl8AWuuSLuKUZqxzyXDf6m-t2Sod-TlOjINABxvET3iw7y2Qfo3Pbm5ujYfsAF3mbwh95ynBthusF81h-qWlfc6BoBEQQG8a0aPmuxzIu2hIDKyTdgPSgoNMfS40930rDfJNlpLgyWWVushqqr_F1nqTqBnCVEOXFl8BKPuoLu-GfGnJVrBvmQRZUC-X1oYDkz9e_1YGo26khqkdkMGmO8SLkX_LHY6fP9uAuD43hXGiw2J4JxYYxneWqoqjUOUqvxqfp8mSCy48WkaviYtfHiNc&cid=CAASFeRoFOmyYbADMZzuC95bVCZ17soWUw&rfl=1%2Chttps%253A%252F%252Fwww.nyasatimes.com%252F%240
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
027239683299b958917a3fc724a39775affa54709b897edae6b0ba4b1a9428f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13740
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 560D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B0zKWNA6y55rtVlg5kuIFdxZ1vPtQBI-j8TxFYGhnMJpMQDAhqalIJp6rMkFV10G3x5JbYjmmgyqrNDiUX_q4ZnnrgCzwdAamYCj0NVY9wvB4z7Bc
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 560D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:36:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 560D 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 560D 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 03:58:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3415
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 03:58:42 GMT
l
www.google.com/ads/measurement/ Frame 560D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSK9M_Z3qnQ2X1QAMhTqrg2JiMsTkenzNfZpiGqRLBMP9n_ERhttedzLzGrNZhAkAj79oAgik5E6PVc69RHarlHmoaUQ
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
truncated
/ Frame 150E 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e39be1ecc66a9b505fd72ff6e6dcffdc08c362c9c4c9e30db06f486043227e84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 20BD 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb3d98bb8f688da1e74ca59b2f4c8f10abdfeee40f67b2365f945f31b892498d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5938 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87c5f2e18cbbef40eeba16c0e6a15aaa697faabff8dbb9e7e8e2f0499fcc7fbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame DEC4 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f789f4e4c5ac64ca2066bee1563d7689159da96483df1206b61e2bfdeb5c085

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6C8C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfNG7q78hsmcJpcm6ktG3E_DWk-mU3-jwKAFc6kJgwY9HstId1NuTsbcR1fkdrsv6QsrhsWhRObhdUiysX8KCd6zEnJMBQ_pVH9_f89K7Fn0JJ5-rgxZJO2kZ9_D7Lln6Gd0grUMpq3NoAa66-IYMaUIFE35V39f3Ffs-YM_2mE5UzyO_Af5wRsU84YPiOpsMh2pA-UVDwM8Fly3Dmf5_WQUzfldxIg_RfasuBoBznoRN98Ah5o5E17NfSJCTYAmU9aa9nO4ZDRM4ldtIeXDd1qLhupfSRqTssQpEyN6GLmnXmquI2FUlkrGW6qPkKbQaairimSxPdS_zcGVY&sai=AMfl-YSs6BzcEJufBlKws3grrMWa1eIgpFG6Ss5hptwnEdhjtlEltrG2iKO4A3KXa5ZKs7y6gJ9xrXLtV3bRp1E4_gbr2vysRZcbtFSvYF-2GAj7f9so8nKNfnsfargYjeE&sig=Cg0ArKJSzO12VE2lKkmsEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 09AC 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e2065c627e8fd3c379338adc7c7786f5921c0ea1e4e0119d31baff60ddff3fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6C8C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
808d2a3ff1668e29cc40f1b2c047b9d33752ec4e95c03ff1f4fb483877019d31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9D4B 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0caaba09f3ab99cc64db125b3fcb1b1cadf232b1d9ca47fbf0f40c6681dc6a6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AADE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57e8451654a9e4668a66491c8fed9b2df1c65c8441fb45de7017a40f38c9ef53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3388 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2ffd1d025cd9ebe848e26777f7f72a90c636fbc775b34efa8e7021493a05acb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 09AC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWChamAw6wH5472rP7MuC0zfZjvKko1T7xkAmipJqmCwGuKWAUBifDm7zHw4P_BPtQBWlBfXieBfVDwKr-N6uBFIryw1Kttb4be9ZZzAA6xjAkd6W33D68udZ4ycThB4ZZIdchMqHl0wy4OIOQBypu-0yWyQcSvA5DkPC12_i4CWBkTC_WC1RvDLNmGlOoOFeJ0UiKAF8XOAKmJatlp1Wp4ai5vldFx7DtgNbSEfKL3yCRaD76hl9yPMI5Xk4-AcvnjdhFqIyN14dwlB1vZMt8ayblztd3v-q2VSKybAexpzhp4X-Kex7L3KY6ee5BU1GMbV4VlM0egVhW&sai=AMfl-YRKHJ7rWpotjVEhYmDAg_dxH2Mn4iOPQ6BrxGjOttsJKAEvqGyNLPuKfJyv0GM0pJch87LTBnF4Z_WD6Kxm0g2RBg8jsx-mLKUgzDcK0AtsQtTUMMk7gBhJJz9R7pY&sig=Cg0ArKJSzHH-ZDPiId_yEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5938 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPYdm77fHWQoDqZJHG3SuWfjy-U9peaDlNfWB50NnXX1vHBsNpvS8v4EJJPWPqWE9BwAhK6sHZ2z6OefCn8SOdi9SduPQTZJE5umO6WyAuzMP76FYCEh22grtxibXD19fkM13xcZabYhbwDvcO5l-IC-1VzAhyR_j7ybV8F0Wc30Ld1x1RgIYAMRyljGMVG8OWkFiwlOxvopMswyeluVRQN73VanNFaey8HKLDx3bqwoWD-Dhebo_vScS-IERLRiTR1T5-4f1iIVg6_Zl2vs-lse9s6aBV2X5iDatN5pdyywW7V2GvfoFCit4c7tdTGdu15ZfqVraEmv0OKXX3nQ&sai=AMfl-YSZt1oVQ285eCeNv5te9TQsrDl4QiTrw73aqjutvI2fO5NkYyxyYxmfbAnbAozVC8u35vH1Mp29673YOIIk43qL-bEzXvQSeR8_c92NDRpyqKWbIgDwoXIv30HRwXo&sig=Cg0ArKJSzLSRuB-O9Hl1EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 3D85 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433736609,,&us_privacy=&cb=1636433737157&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:37&ranreq=0.5381863181938364&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433736609,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3614
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 150E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthqxxGQu958JnXvR1ITRsKUSVU4iXPpCks4LIvX_25pEMqj_ZiO5iMTp3XGwsDHkd37cWA0A5mqeVm9euGqGJfqG-D3x8-WPIk4DMsvAPb0UxG-CVG0f0Fec1OHVUukSYky2vmmVsLQZMvyk3nNIKCRPLk2R2rFrtt0-_VyGbbZFmnN_Pudjthr8LOkKFIXmeHcWq35GPvWIXvO1ab6NiZhhzZ2_kmapjxCC5FPBXghv6H7civeL0alNK7dswPEeYf7OqGT4ge1uSuJ2IQm1raMheBg9xvFQEsBt_1FKxKtxZeNmwdad9R89d8FA9i0bTSuzXftAXFfNVFsBi_&sai=AMfl-YRGNUZzM9CszsaZgiCXi7jwfdyQVSETchcVcB3fY3FZhUk9KIU95gg6n5k6qCQnF5E3Ra_fdi6lbmX9xWayHTNA3n6lM5CjnukeDMlZXOrxLtplM6x5w0af-UTXVeg&sig=Cg0ArKJSzAQJJBPaP5LsEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C2B1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvt_-ZNTbRxzGCFvTINCQ2VLUtTP0o00kv_SRXzH2vsh2N0Y_AjZ8BO44s9GOdGE3rXF2imgWoHAy8dPewEFMEHbWToLIcyNlK8kSa9gJ_CmWAsEfGuuTZu7NiL_tLI6102ONc9Khc8KI0RoXp-qFAbIbl0epmNxwi3VKhSgIyX99Izp0hON3Oacx35K9egCjAR1RUX7lGhXYCi_OQ7VR205hT6ENVNn2Uq7IMjyhPsegBV1_P7oH7u30ZLaLEhhJ58EEH3vC1IhDJUmzYjwimXDvoW97wszQRj-E9TEOfbpRmQLKCFPxp6mDyrNTT0c3yvOTopjSnGpPQNYxo&sai=AMfl-YTy_xgwx2loJ6npabyfvDGm7Hx8Sv2WBMV6vtAg1OJOZPdhl8LSlHvIHhydcXWIkVEDGc5Cy72nEaaUGeCIYmo6kJUe11QHiWrmO3gb48XDd-YfAB0IfIownqJFBAw&sig=Cg0ArKJSzHSY738s8IfpEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame C2B1 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e7cd2bde1c04e5a5db40673bdeb4c711a140792878ba1f1c967783f04793ba7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 40B1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-BNctzl0yxmmXWMdM6ACASRyT1v1jBmZRqhfMQpcAHVdyehfdsKT7pvYnb9olAREStFWMq15QTU9zAzgUyyf8l2-vQmbbsOtCpTdJEHMewcR2Fsff2dorp6VbZ8_EUMeoSeLkrDTcLpaKJVBPQ7uxtxx868gv4HJL6MCHZ0AdU9AbaklOnqZ3fb6IN81CpaG5ggc9Rp7iSoRp2RCYfwlcpxC_vrAln6abMuNpd5RqZP1KO-BH1WGyXzsje0XI4Zjh7dTraNDbLs6yjOK0KWoIMK5OJBmOYVEcvV5-upcyiErXxfjQufhRt6LU_iU&sai=AMfl-YRlMRoQTfyA98Gz071MSz-HMJ8xUJgo6-0WzuZ6-tih1-kMt6ewFbmNwFsV5_BQP3DldcdHQtVdnpOUGn5C_ePDDNu7qEun7tCs_XHt-Hhd-LVpD9qXhF2XOOCd9n8&sig=Cg0ArKJSzDng2lWlhrDfEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 40B1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30819ce1c019dde9d9cb87b4a43a0cd31cfea58de21091758329dc5d88583dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
recaptcha__en.js
www.gstatic.com/recaptcha/releases/kcXVPRWG7fMILHmzon0--fD3/ 		343 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/kcXVPRWG7fMILHmzon0--fD3/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
88e03f37d35232ca4b0f97e30ff63132372cc2235dbb60bc1141fa97a112c64d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nyasatimes.com/
Origin
https://www.nyasatimes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:01:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137623
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 18:13:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 09 Nov 2022 04:01:07 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9D4B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_KSCWAPzoBOfofc6lzHBnlc2OBwrNs_szybs_BzgEl_xU6t8X5WmxFPWR-mSLU4tpsX1ICDAl28Q-dJvWsbbfR87m28Tsr4XVe8IO38f2Ra-Dx0D4NDge5csTqGow6PkOr5RAjtAY0tWyrlzQi_M9DbCJUu8sNlHj8ehHxe31avt_2wheQQbvILos92GaoLi1Jkj1j8eUJFCCIT4Dl_NPaSYV6aRWv4y1t7kurMrfdgRKmHQ-3hsp6AaCdc_IPudDGn4irp-C30ZFHsDDDq_fU5IDt3wn2odhtXS2q-uuXAPEX0Y9JjcbtUa8YPzv-q7k0YPFGrb44hRrpw&sai=AMfl-YRDIaFNZak4W-qHfDPo9eb-BW-QLtmkvf-ERxwXnKOC6tGN-KgdaJoBs0q6UYUvq286dfUHNR9NZDe6_lNVb5FP8pZI2rilt6ZUNDNzykkydeY_xlnrXCu26MzyKXs&sig=Cg0ArKJSzFB1wKpzxESmEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 20BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLZkKFkI2eayd5j6JmeG4m4yh8ta7iB-f1jcr3q8oUojzlWnkHG5a1GKeSsMyVl2P1TjhN2OZZhwUFMDVA-3-lCztMuDMGBdu8bQo0eMJEcaOkmm5elqPNRguza4ulFxBchM9_wXdGMrQfnfhvTo9Wi1PsTlG3ZG9Cgv05lQ_NXZnVJ6Mn12L2s45BXC_vxiOOnAa3eOAlJ6Qp94ctkJZnLwa51GZkiciIqaZH1ZHNsoPqQMDMU6S854_LEGt8GbweTtx5GNYJs-X9ARW5lq5nkaKEXq2pp3g8vm6yOOAzLM-YMFrWlZSMYJtw7FjL-4TdIpyXockSkM6ycX1noQ&sai=AMfl-YT3QRLelYZmEl1ZUBYigR4NUH5mkUD6J95THB5W22pDQxphFYCjGdT4IgYHm8AfcZmuyWp_CUjN1lCtjg1B2-6XAsspnGIAe18kNHI2krp4pvgUATfb0GCd5XUVMIg&sig=Cg0ArKJSzL5L2ZjYK33FEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8030 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 08 Nov 2021 20:02:57 GMT
expires
Tue, 08 Nov 2022 20:02:57 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
31961
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame DBD8 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b8ff2d5c080028c4213654ba9d568ea66f26cbd6707ef56b9ec3de439a2a2ba0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8GdVZeCE0MzqkLpOPVACtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 09 Nov 2021 04:55:37 GMT
date
Tue, 09 Nov 2021 04:55:37 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-8GdVZeCE0MzqkLpOPVACtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame DEC4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvX4ly2a6lJPB8L5gnlWtPrLccZrSByWJG0C6jAqRyCGfL9BPWbIcdrBZDo_--dgHF9_I0HJaLy7ULiTDG136mTRqRNyCJMwdLnjRX9ruH6js5BWb6T6WO-6vwRBTuiw0Gje4Ug2oJqiAPlX8mzfsUEK2BAJ9YBVgqxFpbm_T_ulyY1uDypfBfSo0Hf-6QuZmP3t51TAMf-zk0lamFoR-DkM1EoQNSakZ8qVVHYnwB4JSg7ezdzjBxpJZl9GTmKoxLVuUR3yOM6DcfgBhOyexjC957t2i49AZqI_XO7tP2z2iORZic4eoxQCKNKEPmjax1uSfRYgw7nusFJ340&sai=AMfl-YR_OaB8sSCWGjBKuPrC8eOWhcTaVmoW73Ko88FwE0k2WksuDdWRajXJXqWtzl6NihLgJaAXbN860pSTNEnL58R_psHmTi-sgP7AmY-wZSO89uWtfeQEjUZRv_uafMg&sig=Cg0ArKJSzCcFge20R7F2EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AADE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWl23Ot7nzFpaj0aIGKmeDNX3kZkT_X8UJu5B9V7WWd2aNU3KV8EPhSXLGN03U3p7ZOLpbjgOdOG0y0rSN9AUFX653MffEhYIHLO_P30QQhMgrh0KDqVb3X2yk6jLyl-icxpdoDf4130Ej96uE7vIC1mssPeYf78IPRj1AZneFqrsu9P4L9k2hGmC9bOoLMRWtUFmnaaULIaRwZwZu9s836AL7olt6a4uTL_VmBvlk4u1A6o3kWoO0oEZl15RW1pfYjeSKBlBf_jQz0_FhUQILtRJUi3iLfrfSFRd-P5gH5JYGF9Pl0IPJbs-bujUKoQ7qpiyyJ2dW1yx4eqg&sai=AMfl-YT6tW_vEhJIsZfGRLgiGdglspj91IXJfs7m7GtTx39aVNxYOewcir1ddVSvb5i9A9SHookjAE9jItkvif_erVB7ihhsuM-8p7ADICuTPJq_VXSlJ6lSJV4F0d8gkyI&sig=Cg0ArKJSzCTeZM1VhTx-EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3388 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqNqthDodIdqjkheNqKpHq7yKZGKJZ6j6QXbx9z9bssPvWKlHkDULcS4_L1nWBtPQzx7M_uSNksiHEK-_CW51fqW--Gzx0l0YkpzWRPChgYWIQpFboE7F-_3LUi-OMulh6zFy1vq4XCenuFkT2xlubdpFZs_uZK_fLXVKVmOh_5K_jbLVoFtfzk2wjhb9dbDv_CSmIVrrNahtNu3y1089fScL7OAPWegfshMfpK_1i1ibUQoDXvVVaqw5BE2hE0ejvbJXx-U8aTMUidQ9h84ZHsC7ez_yRKXra45ZM_eNlXf-63jCujHX-cI3Q8Xt4eK08KgJDdi39LbE&sai=AMfl-YRWE46KONzFOTu-gfPmr6pD-iBLxByDyR9yDck3ej2Qp3HG9HWtqT3Qlp8K47zCULpUODq8RbLNS-CdYs-9M9NKO0jsN3frgdeK7uRj8-gYRDX8pK27-_R-M9uS5_Y&sig=Cg0ArKJSzBYCuiJdMzjuEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:37 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 3C29 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
Origin
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43188
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 16:55:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 3C29 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C659Uo6PhGOa1TdQmlgnPaN8IQWwEWXgqs-P0at0LR2BxOIsmPwiml2awl8ZsGukYm5sbvjnqi9iCogd6Cbh8S8elEN8teAYd3Lu6_X8i1Il_rZhJxJ2GKVUSL1pXbotmmg3edVKUiPlm_I_sNZvpoJSrW2g&dbm_d=AKAmf-BJJaLo8CqkmRm5Bck1ojmjNjmcweHRmuzjZk-KSgB3keSIqPg5iLrFOdVVbWkb2XkKIEQt-WvTiPgzFZFfbgpRlVIgrBuNkLYBTeMe-0jELwq2WtXCZOOB65nqA-nJzEgj-oLnzDaA6dP60dWBHQih2k5gfgcQIA8Dh27HSi7pPKUXXKOW_d4_CGBibL3UtWG3dtsjD-fTzaS6FAkYaDWTGBsv8adUdQr-uO4NLNKHLQItHL32N7jaXE0w8CuwrMqEwyH4asMfXQEhnt-Azg8EoQa4E8o3-pSpMO-tlaERVBQ1mG3oY67kDxKmN-1B_-PPt8WQChK8D3HCKV2L4BLLrQbinDAfSns_XW7c2yiwbMyUE1VXIbjc3TlxS-eIOcqAhqYVJJT0bq0vL4t6p8k3yGZlhRiKxKIROXNeeqsYZM9wRRkY0T1hlUm4ef-K3M5tvOEvq-cYmZwHr_JI1Ym4L2OC_D9hYL2invwFpIVpKJNQi5L6_VoFbcMF_5hRblyLWYtCMDdv05iZSiSw-Xgqi5Rv34Nw3dHmoRnwYG7egtSAMkR3eL1ReRvpXafQU6WIX_iQ6T3oXytdNBNw_pBxc_D0t75hfJxY_PyXW-v0gVaa4C67kdeVCBXF1_M2Q_IFDpBCHfDsHTSRH0v-vPdPgZbb6jRSFjZwaId91q8v8FG18qHBoGWPKTjnFlrlOPJiSU4QaLZcCwRhvMZFpp5MbFy2-SmFR1Jpu6xTivx082-lt4ZmFNDzkY8QRqcwHfwJj3LImoRhclM0NpBt35mlxFVf2tBQnv0h5ZoWFzHOrsWuy7iI1biDFnCW_mWS6R1i6LvD7min_dNhFyM1Zy8vjF3SEr7MAtsROwXW0TYc5OTZoQTGCM0qcYEgTSoMhA0JDp1FDtqEtKN-FxjytLGKzrdy2KXp3M6xL8Etr-9-DP7Eel4fUnVtfQ9xzXk3KW2iJX_AglgLE7n74uHJZQXSTO6bgxjCpTtkCgc4e0kTjf9T7cwx8GY6AwMlcp__KYJIdXD0snGPcb4_nE4mSVdVWF3R9u9tLG9UIRu3MtjQ2TPbaudl86vSPizAlDHvfQ6UPNV8hjkE_GUBCL6CVgl3RIfBL_I1k9oe6Mc3_mVLiiRq-KQ7sJlIVjhb8pdPe8HtA8OZZ0P-cFc0lMk6ekzeixAEHtO82DEgLQ5TnGbk6x4YbQ8q4ym28HLhtXFtQJcbhufXTAo5g3c18clSplBmEnQP2TVgS1VtAt9Ptrh0FqK0RJAO2u9QlYAWIGw2V9Q0HIZN69DftDdGhTfFl-kTOkeIMvrShygYWskSuLoqvjVbCZB-d31qhb2YdB9OXfenM8D_8Q1oj_7BvcmB57jlDSg9vj7bW4KFn8dDiOBNPBFkVubQjd0Jwt8hd9a9fnkItsdJ7ztfJYCMEeQtF7KJP-5rb4hPqZWawa5u9ze7jF2vpbtwOssYhJVc8o-VQNUVm8v9QhOlQA4z6P1FJsoOup_cImFxu9WIJFJWUqdzH2suIUFzxZt49wgKOVjsqEhw-Y_CqipcunKLWTKiLYbckQoWdjfX7Z9UqpbZH7L60CDsX160obKSbUjYplqYiHVWOIv5a_8kXbTkIdlKDFm_7j_FWZzV0NziQwbTwTalUUIgGXPBUcWZRCPN07zeS7PC5bPYQFhyQPAQvtAOEoQwMxWRiY-LYyuMk-d0c059xELq4-o6-Ky-LDs_XNMwgUUM6CdrrhHNKF1Dh1QNUnmj-lWDdX3DbzV3tqxgCasqGTqZNrLB-UDlKzFZcupyRg8cuKWxV8RrhjVZxv0YykhlXiDKA7DGQ3VgCC_TnqTa8I6ksMjhexkTMtAVSVhSUooUJpae3Kw60bTOFyPpBmQxWPErcbgMgVHB_OhHbwGe9-HqJGW_29aFy2p9fyPiMfFcUkAVGTh3JrR7xwgDFVni9Qws_5IhPn6VetZD3HBWi3RQt3PGZMH9M3bAM-uwdBBWpxCBSK0SdH9EquSIrTAb35ItTrjf_DKU3cYPVlEka1_OQTs9ZWx9gyjE05DJZ50I_XaYhFYTJ7wfz8w_3p4h1rml4ecAGB8aNNDLTmOtqUjSgfloKDRyuFAaUuTpNHllkI-e1cj1UhadpMJ0Ue00aMRsW9nacodcFlXIZnbeBigsK7ATC8t0w7ijGjnWuC3U14j6x1PwaCFgPar0fmnpAYY9-lmxoHO-QXfDmzqYRSNQKteJ7oPV2cvqqhyNgiWP4E4U0TMpUU89RryN6Kh4G6o4R5-dBq8L_kNbZ8jFMazj-ydRW2JfBpvvj-zuwAnpBu5FX-2HcvSQA7Zn2_5cCvKf7x9yJ1VnxAnNPB8HrHjimJpxJAbVt4ZDdIq90WCbdWEWoVkD17j3arKbLifvDZqM-F3CsqPoWbsKq44uYdwIJtau9SYHakZONA4icpI4Q1FRdEMztldHa0RxeB3nfiCMz4fVSAUu5umeFKgBmcOylC7i6k0x9nks8LAr9iDJM3iwjX9OH0jsU5LC6ZBh_6bM1whUJuoeqBsS36gJcb9DVJY7C5Oel9YZPaYJMukWegMou1T4KBjT3ie_LB1-dkdRFM4_1bOcncJGuBmLFhzz53Aq2qKQwqytmbgwzqWN0xvYDLW2sCVw46LtultrkntXDR8pLvlJGWihsUAOoRKxg1YvGENnwoAdnmRwwkSddURaxqU9eVKgE9YylQs-4kVF3x8_w4ME-Ymr92ZDLTMGMP8mQ5xMOSHL-tlGeIEe2Mi4cX9_PhHWy-zP6qexEQQIe5226N3-GEaDVMblsGS0S1Lcr9vTkRxmMOwS-IiWTb4rEwyJsiKakmKK6uTHvSyfJ2EwaN_Bvfj-cT6xYuZf3dh6j1SbSN4aR6yFU51SO8jyWMg_wpG2ig0_oLLpZCosCVQfe4qwjJzAPL6fT9z8TvIuKnJQ5vPDauZhiEo1KUdiXK4WZOpQRIqOezhx86VcJQx2iGZPWKLx0M2BxrbstLbgAZ02-7pmTBkY1eYepjltNBREaIalUELInK2aljb_IQbqU4Hz7atqom1lYBCxCkmVP3sQ_HHwIMYokDKhdOqmR7y4c0aTSbnxmI3_Tkdsqtz9Fa87xHd9-P03iRfgS9W_Xwxl8kLU0RH84Ra57GZYMIAQhwcoQgUVlj6--gJEzIy79cxdIwa28sOoZLWIRec&cid=CAASFeRoZtYQO9Lksh31CHQ8Skf30nfd1g&rfl=1%2Chttps%253A%252F%252Fwww.nyasatimes.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:41:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
836
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:41:41 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 3C29 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C659Uo6PhGOa1TdQmlgnPaN8IQWwEWXgqs-P0at0LR2BxOIsmPwiml2awl8ZsGukYm5sbvjnqi9iCogd6Cbh8S8elEN8teAYd3Lu6_X8i1Il_rZhJxJ2GKVUSL1pXbotmmg3edVKUiPlm_I_sNZvpoJSrW2g&dbm_d=AKAmf-BJJaLo8CqkmRm5Bck1ojmjNjmcweHRmuzjZk-KSgB3keSIqPg5iLrFOdVVbWkb2XkKIEQt-WvTiPgzFZFfbgpRlVIgrBuNkLYBTeMe-0jELwq2WtXCZOOB65nqA-nJzEgj-oLnzDaA6dP60dWBHQih2k5gfgcQIA8Dh27HSi7pPKUXXKOW_d4_CGBibL3UtWG3dtsjD-fTzaS6FAkYaDWTGBsv8adUdQr-uO4NLNKHLQItHL32N7jaXE0w8CuwrMqEwyH4asMfXQEhnt-Azg8EoQa4E8o3-pSpMO-tlaERVBQ1mG3oY67kDxKmN-1B_-PPt8WQChK8D3HCKV2L4BLLrQbinDAfSns_XW7c2yiwbMyUE1VXIbjc3TlxS-eIOcqAhqYVJJT0bq0vL4t6p8k3yGZlhRiKxKIROXNeeqsYZM9wRRkY0T1hlUm4ef-K3M5tvOEvq-cYmZwHr_JI1Ym4L2OC_D9hYL2invwFpIVpKJNQi5L6_VoFbcMF_5hRblyLWYtCMDdv05iZSiSw-Xgqi5Rv34Nw3dHmoRnwYG7egtSAMkR3eL1ReRvpXafQU6WIX_iQ6T3oXytdNBNw_pBxc_D0t75hfJxY_PyXW-v0gVaa4C67kdeVCBXF1_M2Q_IFDpBCHfDsHTSRH0v-vPdPgZbb6jRSFjZwaId91q8v8FG18qHBoGWPKTjnFlrlOPJiSU4QaLZcCwRhvMZFpp5MbFy2-SmFR1Jpu6xTivx082-lt4ZmFNDzkY8QRqcwHfwJj3LImoRhclM0NpBt35mlxFVf2tBQnv0h5ZoWFzHOrsWuy7iI1biDFnCW_mWS6R1i6LvD7min_dNhFyM1Zy8vjF3SEr7MAtsROwXW0TYc5OTZoQTGCM0qcYEgTSoMhA0JDp1FDtqEtKN-FxjytLGKzrdy2KXp3M6xL8Etr-9-DP7Eel4fUnVtfQ9xzXk3KW2iJX_AglgLE7n74uHJZQXSTO6bgxjCpTtkCgc4e0kTjf9T7cwx8GY6AwMlcp__KYJIdXD0snGPcb4_nE4mSVdVWF3R9u9tLG9UIRu3MtjQ2TPbaudl86vSPizAlDHvfQ6UPNV8hjkE_GUBCL6CVgl3RIfBL_I1k9oe6Mc3_mVLiiRq-KQ7sJlIVjhb8pdPe8HtA8OZZ0P-cFc0lMk6ekzeixAEHtO82DEgLQ5TnGbk6x4YbQ8q4ym28HLhtXFtQJcbhufXTAo5g3c18clSplBmEnQP2TVgS1VtAt9Ptrh0FqK0RJAO2u9QlYAWIGw2V9Q0HIZN69DftDdGhTfFl-kTOkeIMvrShygYWskSuLoqvjVbCZB-d31qhb2YdB9OXfenM8D_8Q1oj_7BvcmB57jlDSg9vj7bW4KFn8dDiOBNPBFkVubQjd0Jwt8hd9a9fnkItsdJ7ztfJYCMEeQtF7KJP-5rb4hPqZWawa5u9ze7jF2vpbtwOssYhJVc8o-VQNUVm8v9QhOlQA4z6P1FJsoOup_cImFxu9WIJFJWUqdzH2suIUFzxZt49wgKOVjsqEhw-Y_CqipcunKLWTKiLYbckQoWdjfX7Z9UqpbZH7L60CDsX160obKSbUjYplqYiHVWOIv5a_8kXbTkIdlKDFm_7j_FWZzV0NziQwbTwTalUUIgGXPBUcWZRCPN07zeS7PC5bPYQFhyQPAQvtAOEoQwMxWRiY-LYyuMk-d0c059xELq4-o6-Ky-LDs_XNMwgUUM6CdrrhHNKF1Dh1QNUnmj-lWDdX3DbzV3tqxgCasqGTqZNrLB-UDlKzFZcupyRg8cuKWxV8RrhjVZxv0YykhlXiDKA7DGQ3VgCC_TnqTa8I6ksMjhexkTMtAVSVhSUooUJpae3Kw60bTOFyPpBmQxWPErcbgMgVHB_OhHbwGe9-HqJGW_29aFy2p9fyPiMfFcUkAVGTh3JrR7xwgDFVni9Qws_5IhPn6VetZD3HBWi3RQt3PGZMH9M3bAM-uwdBBWpxCBSK0SdH9EquSIrTAb35ItTrjf_DKU3cYPVlEka1_OQTs9ZWx9gyjE05DJZ50I_XaYhFYTJ7wfz8w_3p4h1rml4ecAGB8aNNDLTmOtqUjSgfloKDRyuFAaUuTpNHllkI-e1cj1UhadpMJ0Ue00aMRsW9nacodcFlXIZnbeBigsK7ATC8t0w7ijGjnWuC3U14j6x1PwaCFgPar0fmnpAYY9-lmxoHO-QXfDmzqYRSNQKteJ7oPV2cvqqhyNgiWP4E4U0TMpUU89RryN6Kh4G6o4R5-dBq8L_kNbZ8jFMazj-ydRW2JfBpvvj-zuwAnpBu5FX-2HcvSQA7Zn2_5cCvKf7x9yJ1VnxAnNPB8HrHjimJpxJAbVt4ZDdIq90WCbdWEWoVkD17j3arKbLifvDZqM-F3CsqPoWbsKq44uYdwIJtau9SYHakZONA4icpI4Q1FRdEMztldHa0RxeB3nfiCMz4fVSAUu5umeFKgBmcOylC7i6k0x9nks8LAr9iDJM3iwjX9OH0jsU5LC6ZBh_6bM1whUJuoeqBsS36gJcb9DVJY7C5Oel9YZPaYJMukWegMou1T4KBjT3ie_LB1-dkdRFM4_1bOcncJGuBmLFhzz53Aq2qKQwqytmbgwzqWN0xvYDLW2sCVw46LtultrkntXDR8pLvlJGWihsUAOoRKxg1YvGENnwoAdnmRwwkSddURaxqU9eVKgE9YylQs-4kVF3x8_w4ME-Ymr92ZDLTMGMP8mQ5xMOSHL-tlGeIEe2Mi4cX9_PhHWy-zP6qexEQQIe5226N3-GEaDVMblsGS0S1Lcr9vTkRxmMOwS-IiWTb4rEwyJsiKakmKK6uTHvSyfJ2EwaN_Bvfj-cT6xYuZf3dh6j1SbSN4aR6yFU51SO8jyWMg_wpG2ig0_oLLpZCosCVQfe4qwjJzAPL6fT9z8TvIuKnJQ5vPDauZhiEo1KUdiXK4WZOpQRIqOezhx86VcJQx2iGZPWKLx0M2BxrbstLbgAZ02-7pmTBkY1eYepjltNBREaIalUELInK2aljb_IQbqU4Hz7atqom1lYBCxCkmVP3sQ_HHwIMYokDKhdOqmR7y4c0aTSbnxmI3_Tkdsqtz9Fa87xHd9-P03iRfgS9W_Xwxl8kLU0RH84Ra57GZYMIAQhwcoQgUVlj6--gJEzIy79cxdIwa28sOoZLWIRec&cid=CAASFeRoZtYQO9Lksh31CHQ8Skf30nfd1g&rfl=1%2Chttps%253A%252F%252Fwww.nyasatimes.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:51:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9560
x-xss-protection
0
server
cafe
etag
378257483732583304
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:51:10 GMT
rum
dsum-sec.casalemedia.com/ Frame 602A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRQ_HcAipZ3skpVH4jRWEo&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRQ_HcAipZ3skpVH4jRWEo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChDJgxMYqsOXuQEwAQ&v=APEucNXBPmOBgh5AkuHpuatjJRp12ycMfH-E52u5RwofqN0AiHYW2ApmBVQdQQ2qMxJpKawVjhw04NsjXnOrw4tTzYpL5Rv5ji9xKxh28cZVvOh2TOuUwPf8GJJTVzi8tqQc9Dj73WNRy-TuMKxyPfB5q13nOQfwxfkyl3UU3laKv4lpHmcEOT4
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 04:55:37 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRQ_HcAipZ3skpVH4jRWEo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 602A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYn-SUCgsvsSfCCgq.TDfQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRQ_HcAipZ3skpVH4jRWEo&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRQ_HcAipZ3skpVH4jRWEo&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChDJgxMYqsOXuQEwAQ&v=APEucNXBPmOBgh5AkuHpuatjJRp12ycMfH-E52u5RwofqN0AiHYW2ApmBVQdQQ2qMxJpKawVjhw04NsjXnOrw4tTzYpL5Rv5ji9xKxh28cZVvOh2TOuUwPf8GJJTVzi8tqQc9Dj73WNRy-TuMKxyPfB5q13nOQfwxfkyl3UU3laKv4lpHmcEOT4
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 04:55:37 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBRQ_HcAipZ3skpVH4jRWEo&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 602A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEK3-qFZ2fv4b8bLwr4N3B7o&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEK3-qFZ2fv4b8bLwr4N3B7o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChDJgxMYqsOXuQEwAQ&v=APEucNXBPmOBgh5AkuHpuatjJRp12ycMfH-E52u5RwofqN0AiHYW2ApmBVQdQQ2qMxJpKawVjhw04NsjXnOrw4tTzYpL5Rv5ji9xKxh28cZVvOh2TOuUwPf8GJJTVzi8tqQc9Dj73WNRy-TuMKxyPfB5q13nOQfwxfkyl3UU3laKv4lpHmcEOT4
Protocol
HTTP/1.1
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:37 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
be4e70ec-fc53-424a-ad7e-9aa26f360e15
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEK3-qFZ2fv4b8bLwr4N3B7o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 602A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk1NjY0NDkwNzA1MTY3NDM0NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk1NjY0NDkwNzA1MTY3NDM0NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChDJgxMYqsOXuQEwAQ&v=APEucNXBPmOBgh5AkuHpuatjJRp12ycMfH-E52u5RwofqN0AiHYW2ApmBVQdQQ2qMxJpKawVjhw04NsjXnOrw4tTzYpL5Rv5ji9xKxh28cZVvOh2TOuUwPf8GJJTVzi8tqQc9Dj73WNRy-TuMKxyPfB5q13nOQfwxfkyl3UU3laKv4lpHmcEOT4
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:37 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cc58aee2-ad5d-4ce2-8271-37c869e2b5e5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk1NjY0NDkwNzA1MTY3NDM0NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1D51
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJlwi3G6gXXEvKSIbluWBsg&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJlwi3G6gXXEvKSIbluWBsg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUOSbLtzXC-pKJut9jFAh_Zux5dFZElZ39hawGzxiD45PSLaKReJUEZpEgElxrubCDvw7YI1NPdzPyKBIf9h2sOoNqLjcSGNbRNQ14FhS8hB1RjHT2tOOJAf_KsAbfmgkWStWS5q7QsRqL4_GH22hN6b0YjerbyaXRVCwOrVVBbvWjuj-M
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJlwi3G6gXXEvKSIbluWBsg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1D51
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGNmMThhNmItYjU0Yi0yMmUzLWYzYzUtNzQxYjEyNmI1YmVh
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGNmMThhNmItYjU0Yi0yMmUzLWYzYzUtNzQxYjEyNmI1YmVh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUOSbLtzXC-pKJut9jFAh_Zux5dFZElZ39hawGzxiD45PSLaKReJUEZpEgElxrubCDvw7YI1NPdzPyKBIf9h2sOoNqLjcSGNbRNQ14FhS8hB1RjHT2tOOJAf_KsAbfmgkWStWS5q7QsRqL4_GH22hN6b0YjerbyaXRVCwOrVVBbvWjuj-M
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGNmMThhNmItYjU0Yi0yMmUzLWYzYzUtNzQxYjEyNmI1YmVh
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 1D51
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEGX7LHC2Nk2oJPtKuQ4UIkQ&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEGX7LHC2Nk2oJPtKuQ4UIkQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUOSbLtzXC-pKJut9jFAh_Zux5dFZElZ39hawGzxiD45PSLaKReJUEZpEgElxrubCDvw7YI1NPdzPyKBIf9h2sOoNqLjcSGNbRNQ14FhS8hB1RjHT2tOOJAf_KsAbfmgkWStWS5q7QsRqL4_GH22hN6b0YjerbyaXRVCwOrVVBbvWjuj-M
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 09 Nov 2021 04:55:37 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEGX7LHC2Nk2oJPtKuQ4UIkQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 1D51 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUOSbLtzXC-pKJut9jFAh_Zux5dFZElZ39hawGzxiD45PSLaKReJUEZpEgElxrubCDvw7YI1NPdzPyKBIf9h2sOoNqLjcSGNbRNQ14FhS8hB1RjHT2tOOJAf_KsAbfmgkWStWS5q7QsRqL4_GH22hN6b0YjerbyaXRVCwOrVVBbvWjuj-M
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:37 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 09 Nov 2021 04:55:37 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 560D 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeJUT7f7T82RRcDLfYge86MuN_IAf-p0gPJ83VvyOzBm0RYXpIiDn7XkZaIhI0fGrc5swWq_P0_FWfDX6kNQXRQO9dGTcuKrX1nq5xSNbOBgVMUUykbl-616249J1DaE9J4F3qSowj0N9RP3OPzqCl1qEKiA&cry=1&dbm_d=AKAmf-CzQAIn0BcNM4cLdgJYw3MlbJJxSwvmosJs60iph7leTgrcVhFg-BqWb9od5BwoYwbAulFtQWnZbjg_-ELN3Wmt_VdQj7NRFHC0xkLpLGgdh65Q-HjuM14V7CXe7QbhfoVj6eCiYSP5LVDNVg_O1fu5AETOq_StQ7FXVsWIAYzIdfLzHlZFGZOqSM5b9qgJ27liE-x1AnbQaatLY3PPO9BN9YTXn9pk4tiwq80zfy1nyMEcxGXwLTeKfdCrCo6bRgvXUSpMsM2VYe5pEnWIfkTQ9Dz-RMr1UH358QaGL8Rt7mR6JZqJljM9quoA-GTAyz4p1Jcl8FxiDLfck2zhnngKR_ry0J4nXJ5KcNNuiLJuL1Kozfc4YNA8-ASho5zk3eAjgI43ABrmVTXVs39Peij044BjZh4dB_mBB94To-TGiYWC2iQycBByBU27hopJq0LKqST4pVojyuiNDXT-SRyYSueEAOAaA2qVHTEsqJgKKB6BTEkpUsuwHzqS_T8zV1lMqXU0CrvYHe7j55aaK848jT6hEyMEeV5QKhmKFo78CiAgeonAVX0HQqoHlR92l9WM2K1j8huVOXtRdGK3IS1-gUmkBufCbPQpGQboVSu14wDm_Kd0Ys4G9nBSgQkzlG620lzN_mYLJ8RVoUNd6lxZZaGWSQq1iOAQ70S4L3myVZYnMOPgareI2V2U2Z2DBvGr6_FqWvVFFoqt11inwZMJlG92kOSpLnQbWDoH0ZeOlTLVl0uznLJPzHGF5cN_J--U8ZhFy-eGABYti3PL9aqUmF1rg_EGe1w9mt1DgVccuHnPxw0hcWZ3iCWIf5wC1cjJJQ8wiQ7TCKhBtYWHt3EdMoYXuZpw1IF0Q4Eu28GuBVFy_yzsrhdiJbV3uLvwb-IbZXyQMFSyfKlQENktnviO-e_TKHxNj-X_-G62SAZMMBerfUfK4Uimony-OtkI8qZN8-gUuL7imBe7p6IhxN-XW85Z_63wYCx8qHYk9nJyhjmLGvz7I7ydQ66HIWx7wXHPxvVSlUVk58kjIVQX7-2w3qqqRh0DI_ZTgLjsuTFKrY14ncpdAXMenfppSxAbyL59rK1eKkA1Q-xVDaddUx8tIZ1_rfL3oM-kI8nBicEO0z8rwhlGwnFgvgwSkH1lbZk2VCBLT-w-IZ8ZqxYgfsJSXHv847f-7BY4ByRe7h4Jyc-ZUvCSr8K8WwrFol8m3un1H4QwY7wFVmD1fR_ha5ceU8i4_-Gg3l86fEGEHjwn66CAItrw2nVCDTBuN3jh1i9hr04s2fEFrQYLYwnIPzutBzm4pPzbC_x7aKytcKtUfGn9MPFnHjMWiSlaWoCASyVO-8uojcZy2eYfAn-geIf-NxqZVefcvdWowC6MqY77r6b3ZJDG0yEvLtlNShLVc8QmIJR75nXdBlyfjQ2gIwfXOFB-kRGoFPEz47pXbix2omJP07eZNGWfWY54pp1TR8zYQhznXkz-MbdETogiGZjyR2vhnBOHPf1e8ge5bKyv4s_LpRd93a50EMhwCJO_NOBK45M16PThkrmYM6Zz4qfM6ZcZokIcnD_tkV2xX8E4iwUEuFeb6hfcQ-cQdXxQl8xn4XtD4WGlIEi8scXXyfAmetIuXYhfTyqaft7ylOUqHXM2LO16tIYcOJKpB9E3AetUpwX1SQNOlcQ7RNdjXqJFUi2Jbh-sDJWnfDWaJGUvPqoPickoA5IeDnVGdBmAJI2n7hlXSHstdw8AcyfsMKN9pOo6kMVnk1LDkn71icGlabeAa6Q-zPFVOyQwUS8-LELnfGEqoZKjzpZSZZIjaWO3OFQGddo9Ab2rl84JY2pq_OgBGRv3HzvPn6G4nXF9Y5jcx40_GBe3s14o0-YvWgTHBKm-SuToHpnZxxj2t9yRwrhhv8ekNIkSI9Fop9H6Y8g8QkH4ySa07VZPl_RDkDBQT9zIr26wUT7CPtEN9JCkeqE-LtwWk_0qTEJUTCuY-WEYqtknP1WsqDuipSWK8u8fNme62bLvWt75AyBQe-sMXBimlYbYIwb9DkGZwsp_8WPTOzbTwwbz6ujmE6OE1rKxN1xscdZtZYNGSdvhmjjRhw9LscQewoLmWhzPozKl_uY_9ij1DKAfgeOygF1wNgjeJm_HVdafrrhdoD_wAUeBdlB0EUFNtgbHdY2OHj0y_mEpah2X33VvJv7hMVtj1ovKBmZ8XyZdmJ4pU8iAe2G6fG0oNh83rj6r0RqPMxsPiIGlOI0i0RZMt45e6PuihJMSEDqMzyL2FsMwnLrEx9tP3UbwsReqmtUM7ysPv71amanHFJ_hANGoz2auSgQOvaopXSNlA1KTyZ0ft2PjZJLkWJ-L1gtiwXJeuUbcHisnP-RJyz0gd7ITiBMebClwHrYcrelFaIC2L3Syu0iuBhdprp6nV5ulWJchsTRxn6f3nEnukjRyWJZB_HcY_xVKeZ5sDaTXhoGHpWum3Qf5ik0lg4I1IFRXPZTY7BB7-tUu9hYiwhH4JQGPSISaaWpqOlgNyTAalXvhNX7gyAzOGXMXmNfAT4vonPbdAaC4IyTQpH4iLFfmA6rNPJmqWRMZ89Cjx59rCPhuvkAwJdkXq8QRXnNCHpH4dhyhqUMXmTGMx9xpsJnNHLFDd311g2bUDQUckuzQCLwZLdr-FHkVEut9ipEJCjGBxp3H6NBcyd6Q7EgOXi0gxHekqBoKL5jTGWhF351bNjRP0kBFSGwZtyErEjy6xkhyZ9Tx9j9-UHVEURHRuYrihNFxHlF6mbiNKf-0flFM8nkmBYLikENKnf3smgr0NZqQTs6B0N4-kYKv4f9YQmQfP5_gDopkMDcoHIFOKGZ7aJfkonfdofeeoq64adehx1LAHG1E6SPX0mh43hJq0G6yP7o3he2LKze1NApTNWIYAIM_lxxH6CVkCU1uyHLcyl8AWuuSLuKUZqxzyXDf6m-t2Sod-TlOjINABxvET3iw7y2Qfo3Pbm5ujYfsAF3mbwh95ynBthusF81h-qWlfc6BoBEQQG8a0aPmuxzIu2hIDKyTdgPSgoNMfS40930rDfJNlpLgyWWVushqqr_F1nqTqBnCVEOXFl8BKPuoLu-GfGnJVrBvmQRZUC-X1oYDkz9e_1YGo26khqkdkMGmO8SLkX_LHY6fP9uAuD43hXGiw2J4JxYYxneWqoqjUOUqvxqfp8mSCy48WkaviYtfHiNc&cid=CAASFeRoFOmyYbADMZzuC95bVCZ17soWUw&rfl=1%2Chttps%253A%252F%252Fwww.nyasatimes.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:51:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9560
x-xss-protection
0
server
cafe
etag
378257483732583304
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:51:10 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 560D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeJUT7f7T82RRcDLfYge86MuN_IAf-p0gPJ83VvyOzBm0RYXpIiDn7XkZaIhI0fGrc5swWq_P0_FWfDX6kNQXRQO9dGTcuKrX1nq5xSNbOBgVMUUykbl-616249J1DaE9J4F3qSowj0N9RP3OPzqCl1qEKiA&cry=1&dbm_d=AKAmf-CzQAIn0BcNM4cLdgJYw3MlbJJxSwvmosJs60iph7leTgrcVhFg-BqWb9od5BwoYwbAulFtQWnZbjg_-ELN3Wmt_VdQj7NRFHC0xkLpLGgdh65Q-HjuM14V7CXe7QbhfoVj6eCiYSP5LVDNVg_O1fu5AETOq_StQ7FXVsWIAYzIdfLzHlZFGZOqSM5b9qgJ27liE-x1AnbQaatLY3PPO9BN9YTXn9pk4tiwq80zfy1nyMEcxGXwLTeKfdCrCo6bRgvXUSpMsM2VYe5pEnWIfkTQ9Dz-RMr1UH358QaGL8Rt7mR6JZqJljM9quoA-GTAyz4p1Jcl8FxiDLfck2zhnngKR_ry0J4nXJ5KcNNuiLJuL1Kozfc4YNA8-ASho5zk3eAjgI43ABrmVTXVs39Peij044BjZh4dB_mBB94To-TGiYWC2iQycBByBU27hopJq0LKqST4pVojyuiNDXT-SRyYSueEAOAaA2qVHTEsqJgKKB6BTEkpUsuwHzqS_T8zV1lMqXU0CrvYHe7j55aaK848jT6hEyMEeV5QKhmKFo78CiAgeonAVX0HQqoHlR92l9WM2K1j8huVOXtRdGK3IS1-gUmkBufCbPQpGQboVSu14wDm_Kd0Ys4G9nBSgQkzlG620lzN_mYLJ8RVoUNd6lxZZaGWSQq1iOAQ70S4L3myVZYnMOPgareI2V2U2Z2DBvGr6_FqWvVFFoqt11inwZMJlG92kOSpLnQbWDoH0ZeOlTLVl0uznLJPzHGF5cN_J--U8ZhFy-eGABYti3PL9aqUmF1rg_EGe1w9mt1DgVccuHnPxw0hcWZ3iCWIf5wC1cjJJQ8wiQ7TCKhBtYWHt3EdMoYXuZpw1IF0Q4Eu28GuBVFy_yzsrhdiJbV3uLvwb-IbZXyQMFSyfKlQENktnviO-e_TKHxNj-X_-G62SAZMMBerfUfK4Uimony-OtkI8qZN8-gUuL7imBe7p6IhxN-XW85Z_63wYCx8qHYk9nJyhjmLGvz7I7ydQ66HIWx7wXHPxvVSlUVk58kjIVQX7-2w3qqqRh0DI_ZTgLjsuTFKrY14ncpdAXMenfppSxAbyL59rK1eKkA1Q-xVDaddUx8tIZ1_rfL3oM-kI8nBicEO0z8rwhlGwnFgvgwSkH1lbZk2VCBLT-w-IZ8ZqxYgfsJSXHv847f-7BY4ByRe7h4Jyc-ZUvCSr8K8WwrFol8m3un1H4QwY7wFVmD1fR_ha5ceU8i4_-Gg3l86fEGEHjwn66CAItrw2nVCDTBuN3jh1i9hr04s2fEFrQYLYwnIPzutBzm4pPzbC_x7aKytcKtUfGn9MPFnHjMWiSlaWoCASyVO-8uojcZy2eYfAn-geIf-NxqZVefcvdWowC6MqY77r6b3ZJDG0yEvLtlNShLVc8QmIJR75nXdBlyfjQ2gIwfXOFB-kRGoFPEz47pXbix2omJP07eZNGWfWY54pp1TR8zYQhznXkz-MbdETogiGZjyR2vhnBOHPf1e8ge5bKyv4s_LpRd93a50EMhwCJO_NOBK45M16PThkrmYM6Zz4qfM6ZcZokIcnD_tkV2xX8E4iwUEuFeb6hfcQ-cQdXxQl8xn4XtD4WGlIEi8scXXyfAmetIuXYhfTyqaft7ylOUqHXM2LO16tIYcOJKpB9E3AetUpwX1SQNOlcQ7RNdjXqJFUi2Jbh-sDJWnfDWaJGUvPqoPickoA5IeDnVGdBmAJI2n7hlXSHstdw8AcyfsMKN9pOo6kMVnk1LDkn71icGlabeAa6Q-zPFVOyQwUS8-LELnfGEqoZKjzpZSZZIjaWO3OFQGddo9Ab2rl84JY2pq_OgBGRv3HzvPn6G4nXF9Y5jcx40_GBe3s14o0-YvWgTHBKm-SuToHpnZxxj2t9yRwrhhv8ekNIkSI9Fop9H6Y8g8QkH4ySa07VZPl_RDkDBQT9zIr26wUT7CPtEN9JCkeqE-LtwWk_0qTEJUTCuY-WEYqtknP1WsqDuipSWK8u8fNme62bLvWt75AyBQe-sMXBimlYbYIwb9DkGZwsp_8WPTOzbTwwbz6ujmE6OE1rKxN1xscdZtZYNGSdvhmjjRhw9LscQewoLmWhzPozKl_uY_9ij1DKAfgeOygF1wNgjeJm_HVdafrrhdoD_wAUeBdlB0EUFNtgbHdY2OHj0y_mEpah2X33VvJv7hMVtj1ovKBmZ8XyZdmJ4pU8iAe2G6fG0oNh83rj6r0RqPMxsPiIGlOI0i0RZMt45e6PuihJMSEDqMzyL2FsMwnLrEx9tP3UbwsReqmtUM7ysPv71amanHFJ_hANGoz2auSgQOvaopXSNlA1KTyZ0ft2PjZJLkWJ-L1gtiwXJeuUbcHisnP-RJyz0gd7ITiBMebClwHrYcrelFaIC2L3Syu0iuBhdprp6nV5ulWJchsTRxn6f3nEnukjRyWJZB_HcY_xVKeZ5sDaTXhoGHpWum3Qf5ik0lg4I1IFRXPZTY7BB7-tUu9hYiwhH4JQGPSISaaWpqOlgNyTAalXvhNX7gyAzOGXMXmNfAT4vonPbdAaC4IyTQpH4iLFfmA6rNPJmqWRMZ89Cjx59rCPhuvkAwJdkXq8QRXnNCHpH4dhyhqUMXmTGMx9xpsJnNHLFDd311g2bUDQUckuzQCLwZLdr-FHkVEut9ipEJCjGBxp3H6NBcyd6Q7EgOXi0gxHekqBoKL5jTGWhF351bNjRP0kBFSGwZtyErEjy6xkhyZ9Tx9j9-UHVEURHRuYrihNFxHlF6mbiNKf-0flFM8nkmBYLikENKnf3smgr0NZqQTs6B0N4-kYKv4f9YQmQfP5_gDopkMDcoHIFOKGZ7aJfkonfdofeeoq64adehx1LAHG1E6SPX0mh43hJq0G6yP7o3he2LKze1NApTNWIYAIM_lxxH6CVkCU1uyHLcyl8AWuuSLuKUZqxzyXDf6m-t2Sod-TlOjINABxvET3iw7y2Qfo3Pbm5ujYfsAF3mbwh95ynBthusF81h-qWlfc6BoBEQQG8a0aPmuxzIu2hIDKyTdgPSgoNMfS40930rDfJNlpLgyWWVushqqr_F1nqTqBnCVEOXFl8BKPuoLu-GfGnJVrBvmQRZUC-X1oYDkz9e_1YGo26khqkdkMGmO8SLkX_LHY6fP9uAuD43hXGiw2J4JxYYxneWqoqjUOUqvxqfp8mSCy48WkaviYtfHiNc&cid=CAASFeRoFOmyYbADMZzuC95bVCZ17soWUw&rfl=1%2Chttps%253A%252F%252Fwww.nyasatimes.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 08:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 03 Nov 2022 08:37:30 GMT
i
vid-io-cle.springserve.com/vd/ Frame 19B7 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=3fad47cf&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.192.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-192-142.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:38 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 19B7 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433737&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
content-length
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame DBD8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=2168745486402461&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211108-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
1577
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qLA+ntpX0xsn1M4H/vpvkV0o8w6UGkVVXckTk0W0F2Kr9YHvQvZKGJImLauo/YXexJMT5LeMdnk=
x-served-by
cache-hhn4069-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1636433738.432052,VS0,VE0
date
Tue, 09 Nov 2021 04:55:38 GMT
vary
Accept-Encoding
x-amz-request-id
4KMJJDXMWM2DB40W
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
3
x-cache-hits
1311
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6AD6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 08 Nov 2021 11:10:41 GMT
expires
Tue, 08 Nov 2022 11:10:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
63897
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
pips.taboola.com/ 		64 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
dec0ca17089aa84805576b6f139762d3c808b2d086326fc4f44a99c03e1b2379

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:38 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-hhn4058-HHN
access-control-allow-methods
GET
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame 8030 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 20:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
31961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 20:02:57 GMT
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=b9ea6933-2c9e-4db0-b8a1-d6409e449de9-tuct88384c7&uad=b2e3fc362f86c882c8655f7d26cc8dde4c201cd22be17745cbff4357b2b8677d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 09 Nov 2021 04:55:38 GMT
Cache-Control
no-store
Server
nginx
Connection
close
truncated
/ Frame C2AF 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_d700fabb.js
vpaid.springserve.com/production/ Frame 34D2 		494 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_d700fabb.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7a00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01f62119d738e56887c7298650396be3edc28f9bd4b64af4c496048183172630

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 15:21:15 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 15:00:52 GMT
server
AmazonS3
age
912864
etag
W/"00394b9cabf75acc9a4061ae555e3473"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
F6wGhLOA_IgQeF2XqaTWF1Cmg7gJ1pw8ZVMJGzJIDBM4lCngLpflsA==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 34D2 		962 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433736608,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
59b3f6cd77bbd2411b6d0eff2c593dbee8ea40152bdf25d8c745ee6e3d828d27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:38 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
589
expires
Tue, 09 Nov 2021 04:55:38 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 34D2 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 34D2 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4a9b502470b6793cbf3c545a1a68d76828bfc03ce252c727ac6b5b167b79d22d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:38 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
403d1a5d-7db0-4812-8aa5-e717a9a5c42b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 34D2 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4d714d19b1d25c8b52ee9c9a28ef664bee70840ae7fdf529c99991639048045a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:38 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7c0d8daa-2e13-4b2d-9f1e-15a6163bdda7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame CD8A 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433736608,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:38 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 010B 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433736608,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87043
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:38 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame CD8A 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433736608,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:38 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87043
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
t
t.lkqd.net/ Frame 0558 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:38 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
PugMaster
image6.pubmatic.com/AdServer/ Frame 010B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24436598&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
14d0ad63d02d3bd3fea8c8c317e4ee3387f7849aff8c8b9a4b9628cf11e9e53b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:38 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3C29 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 11:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 08 Nov 2022 11:10:41 GMT
truncated
/ Frame 3C29 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18d214ae6b0494252c90f14f9823fc13effe5464e02bb1ef33474147ede9c70c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
Pug
simage2.pubmatic.com/AdServer/ Frame 3FCA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7028429386789025937
42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7028429386789025937
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:38 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug012:0:408
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 09 Nov 2021 04:55:38 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7028429386789025937
Pug
simage2.pubmatic.com/AdServer/ Frame 9A4A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYn-SgADLMrjmAAz&gdpr=0&gdpr_consent=&_test=YYn-SgADLMrjmAAz
1 B
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYn-SgADLMrjmAAz&gdpr=0&gdpr_consent=&_test=YYn-SgADLMrjmAAz
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:22:42 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug0021:0:383
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYn-SgADLMrjmAAz&gdpr=0&gdpr_consent=&_test=YYn-SgADLMrjmAAz
accept-ranges
bytes
date
Tue, 09 Nov 2021 04:55:38 GMT
via
1.1 varnish
x-served-by
cache-hhn4068-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1636433739.809455,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
rtset
bh.contextweb.com/bh/ Frame B8B6
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFId1dFN0RFXzhBQUJQNmVzQU5Qdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAHwWE7DE_8AABP6esANPw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
0
0
Artemis
aud.pubmatic.com/AdServer/ Frame 010B
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&addseg=19,36,42
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:38 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Tue, 09 Nov 2021 04:55:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 010B
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:38 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:38 GMT
frontend-id
8
location
/pubmatic/1/info2?sType=sync&sExtCookieId=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 010B 		95 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6ab47332edf6dfff-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 010B
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Server
34.192.120.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-120-237.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:39 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 09 Nov 2021 04:55:39 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
SPug
image4.pubmatic.com/AdServer/ Frame 010B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VrXR7NdE2uXcMagZ36z3yYCqSFsb7mQ-~A&gdpr=0&gdpr_consent=
0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VrXR7NdE2uXcMagZ36z3yYCqSFsb7mQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VrXR7NdE2uXcMagZ36z3yYCqSFsb7mQ-~A&gdpr=0&gdpr_consent=
date
Tue, 09 Nov 2021 04:55:38 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 010B 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:583a:9407:39a3:79c8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 010B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=db823f7b-313a-4551-a5a4-d28b8d688688&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=db823f7b-313a-4551-a5a4-d28b8d688688&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:38 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:371
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=db823f7b-313a-4551-a5a4-d28b8d688688&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 09 Nov 2021 04:55:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 010B 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 010B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2910766924132551182&gdpr=0&gdpr_consent=&us_privacy=
1 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2910766924132551182&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:37 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:354
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2910766924132551182&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 09 Nov 2021 04:55:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 010B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:38 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:435
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:38 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pubmaticmatch
match.adsby.bidtheatre.com/ Frame 010B 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 150E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssctA5-KlF8j6o012talA0a9JqCpmqYk5p2M_uIDidL2hSXns_8lAKXr-Yr_Y6tR99_JAad_jcAAla17w6-sLTjUKLt35OM6gkpQrpgyJIbgTBq5dua&sig=Cg0ArKJSzDuAx3kAzWyKEAE&id=lidar2&mcvt=1010&p=395,578,485,1346&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20211108&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1568645639&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636433736976&rpt=723&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hjtkt1t9m63l
hal9000.redintelligence.net/zone/ Frame 560D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChbq2SP-JYeCVBOSS7_UP3ZmQwAqP4PiGU_Woi6TKDPAuEAEgvv-xCmCV4pCCoAfIAQmpAuQaiiddcbM-qAMBqgSVAk_Q2VRLL4b23HUIMqaCovOlKJRwBpcmLHIhvbe2pVzZyc59e69eBUtj8j7UFgsdZ4iX4OyHABIBcsL4-nVrWk0E0OatSeFkIgT_ADvia-ek6BuRdmvnr7YwGhTgVLzWCvZv-MKn7hN5ay7ZrXCiaUkuDQOE7pYHqpOr3oa4Hn_u_7NF6INzsbm1pU2biK2bizBbD__qS1GQlnbp69BSE6wQyASQXpiXVNmkA-trFNlKqhI2-icEW36_Erl8axSXCcTN9CPNL9Fv7c-z64Xq13NjYWo9tlUU6LyXs91SU9kx4lwYODTvnbz0Nq_KuPN7i9Cn8yOvPSIzrGzqWNsia0UkIqYK5X_2wxUKHby6Rf75DloAsX3ABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoFOmyYbADMZzuC95bVCZ17soWUw%26sig%3DAOD64_3WSO6kAtWku3Q9HPWUjcfLnX9ktg%26client%3Dca-pub-6272874513322487%26dbm_c%3DAKAmf-Cc3DNCyIF-ZFuNDbHzW8AqM34S7JKrRER-_8g0UWNKyf8W-wU7z0647-KX3IOOSEcdNKUNEtQu0kVKwbMO9SJ6P4zr88iS0d23iKcqzg4GT8TaZFJ9g6_XuQ0RZnS5eddx4PtJYyYJUA95cOGXLMW4Fdq2bw%26cry%3D1%26dbm_d%3DAKAmf-BddLsz3GMqVdSPagvyGql4KrztP7hJ7Oc67f4b9q8vK9NnehZY0__jPhTXsySASRHRIQ4xOLGabdb49kykLq_ms1VoPriPH05CqndI-JIJ-vw1q4UmS6qeIki2fkBDRP1m870Yhf7SboM3oVCcGGcYmaxKSbUfgjyra85ZGy6QkOZ5FGMxJhhss-Lx_-A60kRf6QEb9PRi7_0jrYySQNM2WNxVfrRQkTN-WIDL2WrbWhiV8jKhIMQe2Pwb5yZ9iCpqbjNT6rkbEWJuiYBYK2wU1FC_npn3yD_UNrDVmXxK_LP9Q7V7srankgNwnVSLIwzlKv9mjT6soH9wR_mJfG8cnvueuTaOenIg5YLtH5uJ_lDiriEggb3hY7ufcwWGblwYeXFqVXQBcbuEZTThSOqwXn7D5X4cY-behCdMzSjuAQGdvNSKMlVbBEgZrGrCEe8-VCa5%26adurl%3D
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
bcead286ac01e0fdf1298573ad010dd6b548659d041ca44101a71bcf26061ebe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:38 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3959
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
request.php
hal900022.redintelligence.net/ Frame 560D
Redirect Chain
  • https://hal900022.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=467bbd7e13&subid=&uid=158b04a774540a91&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900022.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=467bbd7e13&subid=&uid=158b04a774540a91&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900022.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=467bbd7e13&subid=&uid=158b04a774540a91&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChbq2SP-JYeCVBOSS7_UP3ZmQwAqP4PiGU_Woi6TKDPAuEAEgvv-xCmCV4pCCoAfIAQmpAuQaiiddcbM-qAMBqgSVAk_Q2VRLL4b23HUIMqaCovOlKJRwBpcmLHIhvbe2pVzZyc59e69eBUtj8j7UFgsdZ4iX4OyHABIBcsL4-nVrWk0E0OatSeFkIgT_ADvia-ek6BuRdmvnr7YwGhTgVLzWCvZv-MKn7hN5ay7ZrXCiaUkuDQOE7pYHqpOr3oa4Hn_u_7NF6INzsbm1pU2biK2bizBbD__qS1GQlnbp69BSE6wQyASQXpiXVNmkA-trFNlKqhI2-icEW36_Erl8axSXCcTN9CPNL9Fv7c-z64Xq13NjYWo9tlUU6LyXs91SU9kx4lwYODTvnbz0Nq_KuPN7i9Cn8yOvPSIzrGzqWNsia0UkIqYK5X_2wxUKHby6Rf75DloAsX3ABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoFOmyYbADMZzuC95bVCZ17soWUw%26sig%3DAOD64_3WSO6kAtWku3Q9HPWUjcfLnX9ktg%26client%3Dca-pub-6272874513322487%26dbm_c%3DAKAmf-Cc3DNCyIF-ZFuNDbHzW8AqM34S7JKrRER-_8g0UWNKyf8W-wU7z0647-KX3IOOSEcdNKUNEtQu0kVKwbMO9SJ6P4zr88iS0d23iKcqzg4GT8TaZFJ9g6_XuQ0RZnS5eddx4PtJYyYJUA95cOGXLMW4Fdq2bw%26cry%3D1%26dbm_d%3DAKAmf-BddLsz3GMqVdSPagvyGql4KrztP7hJ7Oc67f4b9q8vK9NnehZY0__jPhTXsySASRHRIQ4xOLGabdb49kykLq_ms1VoPriPH05CqndI-JIJ-vw1q4UmS6qeIki2fkBDRP1m870Yhf7SboM3oVCcGGcYmaxKSbUfgjyra85ZGy6QkOZ5FGMxJhhss-Lx_-A60kRf6QEb9PRi7_0jrYySQNM2WNxVfrRQkTN-WIDL2WrbWhiV8jKhIMQe2Pwb5yZ9iCpqbjNT6rkbEWJuiYBYK2wU1FC_npn3yD_UNrDVmXxK_LP9Q7V7srankgNwnVSLIwzlKv9mjT6soH9wR_mJfG8cnvueuTaOenIg5YLtH5uJ_lDiriEggb3hY7ufcwWGblwYeXFqVXQBcbuEZTThSOqwXn7D5X4cY-behCdMzSjuAQGdvNSKMlVbBEgZrGrCEe8-VCa5%26adurl%3D&documentReferer=https%3A%2F%2Fwww.nyasatimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.nyasatimes.com&random=5648909947885&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
b89b553ceaa23e0fd2f6766d52859a7344ebb76f535d3f941acdcded5ea86e85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:38 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
19350300013651700710584011773022
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1048
Expires
Tue, 09 Nov 2021 04:55:38 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:38 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=467bbd7e13&subid=&uid=158b04a774540a91&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChbq2SP-JYeCVBOSS7_UP3ZmQwAqP4PiGU_Woi6TKDPAuEAEgvv-xCmCV4pCCoAfIAQmpAuQaiiddcbM-qAMBqgSVAk_Q2VRLL4b23HUIMqaCovOlKJRwBpcmLHIhvbe2pVzZyc59e69eBUtj8j7UFgsdZ4iX4OyHABIBcsL4-nVrWk0E0OatSeFkIgT_ADvia-ek6BuRdmvnr7YwGhTgVLzWCvZv-MKn7hN5ay7ZrXCiaUkuDQOE7pYHqpOr3oa4Hn_u_7NF6INzsbm1pU2biK2bizBbD__qS1GQlnbp69BSE6wQyASQXpiXVNmkA-trFNlKqhI2-icEW36_Erl8axSXCcTN9CPNL9Fv7c-z64Xq13NjYWo9tlUU6LyXs91SU9kx4lwYODTvnbz0Nq_KuPN7i9Cn8yOvPSIzrGzqWNsia0UkIqYK5X_2wxUKHby6Rf75DloAsX3ABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoFOmyYbADMZzuC95bVCZ17soWUw%26sig%3DAOD64_3WSO6kAtWku3Q9HPWUjcfLnX9ktg%26client%3Dca-pub-6272874513322487%26dbm_c%3DAKAmf-Cc3DNCyIF-ZFuNDbHzW8AqM34S7JKrRER-_8g0UWNKyf8W-wU7z0647-KX3IOOSEcdNKUNEtQu0kVKwbMO9SJ6P4zr88iS0d23iKcqzg4GT8TaZFJ9g6_XuQ0RZnS5eddx4PtJYyYJUA95cOGXLMW4Fdq2bw%26cry%3D1%26dbm_d%3DAKAmf-BddLsz3GMqVdSPagvyGql4KrztP7hJ7Oc67f4b9q8vK9NnehZY0__jPhTXsySASRHRIQ4xOLGabdb49kykLq_ms1VoPriPH05CqndI-JIJ-vw1q4UmS6qeIki2fkBDRP1m870Yhf7SboM3oVCcGGcYmaxKSbUfgjyra85ZGy6QkOZ5FGMxJhhss-Lx_-A60kRf6QEb9PRi7_0jrYySQNM2WNxVfrRQkTN-WIDL2WrbWhiV8jKhIMQe2Pwb5yZ9iCpqbjNT6rkbEWJuiYBYK2wU1FC_npn3yD_UNrDVmXxK_LP9Q7V7srankgNwnVSLIwzlKv9mjT6soH9wR_mJfG8cnvueuTaOenIg5YLtH5uJ_lDiriEggb3hY7ufcwWGblwYeXFqVXQBcbuEZTThSOqwXn7D5X4cY-behCdMzSjuAQGdvNSKMlVbBEgZrGrCEe8-VCa5%26adurl%3D&documentReferer=https%3A%2F%2Fwww.nyasatimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.nyasatimes.com&random=5648909947885&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Tue, 09 Nov 2021 04:55:38 +0100
activeview
pagead2.googlesyndication.com/pcs/ Frame 3614 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQCzmOUjSVqafohdtK6D8WqurgzsDpRv2jZYGxXBMXGYHuhsyvaAmF0OcAGnKtt7Hj3Eyc1Nyj1nSnj9ySxrsIUwZD2E6z_9WwrKus_o6Z8yw_ID6fqA&sai=AMfl-YT_2LtOou1LQN00xCEbRP-oge0RhNrkLl2JLz0X3EpInUy-nXgMqa6h0AO37uKhPkz5ES5GE7HHFJAoK69yfTYtx2brsOqq1SAP-aY8AmoBFD66YmVi96zmqM3b6rk&sig=Cg0ArKJSzG8Nf1O9w3rBEAE&id=ampim&o=653,644&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1005&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&tfs=183&tls=1188&g=92.66666769981384&h=92.66666769981384&tt=1188&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3840145581
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view.aspx
pb.media01.eu/ Frame 566B
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=19350300013651700710584011773022&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=19350300013651700710584011773022&actionid=879111&produktid=ratenkredit&dt_url=
0
629 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=19350300013651700710584011773022&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=467bbd7e13&subid=&uid=158b04a774540a91&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChbq2SP-JYeCVBOSS7_UP3ZmQwAqP4PiGU_Woi6TKDPAuEAEgvv-xCmCV4pCCoAfIAQmpAuQaiiddcbM-qAMBqgSVAk_Q2VRLL4b23HUIMqaCovOlKJRwBpcmLHIhvbe2pVzZyc59e69eBUtj8j7UFgsdZ4iX4OyHABIBcsL4-nVrWk0E0OatSeFkIgT_ADvia-ek6BuRdmvnr7YwGhTgVLzWCvZv-MKn7hN5ay7ZrXCiaUkuDQOE7pYHqpOr3oa4Hn_u_7NF6INzsbm1pU2biK2bizBbD__qS1GQlnbp69BSE6wQyASQXpiXVNmkA-trFNlKqhI2-icEW36_Erl8axSXCcTN9CPNL9Fv7c-z64Xq13NjYWo9tlUU6LyXs91SU9kx4lwYODTvnbz0Nq_KuPN7i9Cn8yOvPSIzrGzqWNsia0UkIqYK5X_2wxUKHby6Rf75DloAsX3ABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoFOmyYbADMZzuC95bVCZ17soWUw%26sig%3DAOD64_3WSO6kAtWku3Q9HPWUjcfLnX9ktg%26client%3Dca-pub-6272874513322487%26dbm_c%3DAKAmf-Cc3DNCyIF-ZFuNDbHzW8AqM34S7JKrRER-_8g0UWNKyf8W-wU7z0647-KX3IOOSEcdNKUNEtQu0kVKwbMO9SJ6P4zr88iS0d23iKcqzg4GT8TaZFJ9g6_XuQ0RZnS5eddx4PtJYyYJUA95cOGXLMW4Fdq2bw%26cry%3D1%26dbm_d%3DAKAmf-BddLsz3GMqVdSPagvyGql4KrztP7hJ7Oc67f4b9q8vK9NnehZY0__jPhTXsySASRHRIQ4xOLGabdb49kykLq_ms1VoPriPH05CqndI-JIJ-vw1q4UmS6qeIki2fkBDRP1m870Yhf7SboM3oVCcGGcYmaxKSbUfgjyra85ZGy6QkOZ5FGMxJhhss-Lx_-A60kRf6QEb9PRi7_0jrYySQNM2WNxVfrRQkTN-WIDL2WrbWhiV8jKhIMQe2Pwb5yZ9iCpqbjNT6rkbEWJuiYBYK2wU1FC_npn3yD_UNrDVmXxK_LP9Q7V7srankgNwnVSLIwzlKv9mjT6soH9wR_mJfG8cnvueuTaOenIg5YLtH5uJ_lDiriEggb3hY7ufcwWGblwYeXFqVXQBcbuEZTThSOqwXn7D5X4cY-behCdMzSjuAQGdvNSKMlVbBEgZrGrCEe8-VCa5%26adurl%3D&documentReferer=https%3A%2F%2Fwww.nyasatimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.nyasatimes.com&random=5648909947885&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Schwaig, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 09 Nov 2021 05:55:39 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Tue, 09 Nov 2021 04:55:38 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Tue, 09 Nov 2021 04:55:39 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Keep-Alive
timeout=20
X-Powered-By
PHP/7.2.21
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials
true
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=19350300013651700710584011773022&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID
B9D59BA5:C164_91EFC182:01BB_6189FF4B_6F380BF:2A265
X-IPLB-Instance
40028
Cache-control
private
index2.html
singles.parship.de/lp/v00/6/U/htlp/ Frame 42B1
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=19350300013651700710584011773022&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
735 B
1022 B 		Document
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=467bbd7e13&subid=&uid=158b04a774540a91&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChbq2SP-JYeCVBOSS7_UP3ZmQwAqP4PiGU_Woi6TKDPAuEAEgvv-xCmCV4pCCoAfIAQmpAuQaiiddcbM-qAMBqgSVAk_Q2VRLL4b23HUIMqaCovOlKJRwBpcmLHIhvbe2pVzZyc59e69eBUtj8j7UFgsdZ4iX4OyHABIBcsL4-nVrWk0E0OatSeFkIgT_ADvia-ek6BuRdmvnr7YwGhTgVLzWCvZv-MKn7hN5ay7ZrXCiaUkuDQOE7pYHqpOr3oa4Hn_u_7NF6INzsbm1pU2biK2bizBbD__qS1GQlnbp69BSE6wQyASQXpiXVNmkA-trFNlKqhI2-icEW36_Erl8axSXCcTN9CPNL9Fv7c-z64Xq13NjYWo9tlUU6LyXs91SU9kx4lwYODTvnbz0Nq_KuPN7i9Cn8yOvPSIzrGzqWNsia0UkIqYK5X_2wxUKHby6Rf75DloAsX3ABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoFOmyYbADMZzuC95bVCZ17soWUw%26sig%3DAOD64_3WSO6kAtWku3Q9HPWUjcfLnX9ktg%26client%3Dca-pub-6272874513322487%26dbm_c%3DAKAmf-Cc3DNCyIF-ZFuNDbHzW8AqM34S7JKrRER-_8g0UWNKyf8W-wU7z0647-KX3IOOSEcdNKUNEtQu0kVKwbMO9SJ6P4zr88iS0d23iKcqzg4GT8TaZFJ9g6_XuQ0RZnS5eddx4PtJYyYJUA95cOGXLMW4Fdq2bw%26cry%3D1%26dbm_d%3DAKAmf-BddLsz3GMqVdSPagvyGql4KrztP7hJ7Oc67f4b9q8vK9NnehZY0__jPhTXsySASRHRIQ4xOLGabdb49kykLq_ms1VoPriPH05CqndI-JIJ-vw1q4UmS6qeIki2fkBDRP1m870Yhf7SboM3oVCcGGcYmaxKSbUfgjyra85ZGy6QkOZ5FGMxJhhss-Lx_-A60kRf6QEb9PRi7_0jrYySQNM2WNxVfrRQkTN-WIDL2WrbWhiV8jKhIMQe2Pwb5yZ9iCpqbjNT6rkbEWJuiYBYK2wU1FC_npn3yD_UNrDVmXxK_LP9Q7V7srankgNwnVSLIwzlKv9mjT6soH9wR_mJfG8cnvueuTaOenIg5YLtH5uJ_lDiriEggb3hY7ufcwWGblwYeXFqVXQBcbuEZTThSOqwXn7D5X4cY-behCdMzSjuAQGdvNSKMlVbBEgZrGrCEe8-VCa5%26adurl%3D&documentReferer=https%3A%2F%2Fwww.nyasatimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.nyasatimes.com&random=5648909947885&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c44ca7391f96d8aa150adda160f75da94e3310fdac055df6d43afc32a94fcff5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

date
Tue, 09 Nov 2021 04:55:39 GMT
content-type
text/html
last-modified
Mon, 08 Nov 2021 05:01:20 GMT
vary
Accept-Encoding,User-Agent
p3p
CP="ALL CUR OUR STP UNI PUR"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
6ab473358c483260-FRA
content-encoding
br

Redirect headers

server
nginx
date
Tue, 09 Nov 2021 04:55:39 GMT
content-type
text/html; charset=UTF-8
location
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id
12
x-robots-tag
noindex, nofollow
access-control-allow-origin
*
link.html
track.webgains.com/ Frame 560D 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3432265&wgcampaignid=99582&js=1&nw=1&viewref=19350300013651700710584011773022
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
88b91cc699d3f46b6b354cdb6a2c4f35b73ed27b2d935354d7f3efb93a9ef987

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:39 GMT
Last-Modified
Tue, 09 Nov 2021 04:55:39 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1239
Expires
Mon, 26 Jul 1997 05:00:00 GMT
request_content.php
hal900022.redintelligence.net/ Frame 0B76 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900022.redintelligence.net/request_content.php?s=19350300013651700710584011773022&a=007198d4
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=467bbd7e13&subid=&uid=158b04a774540a91&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChbq2SP-JYeCVBOSS7_UP3ZmQwAqP4PiGU_Woi6TKDPAuEAEgvv-xCmCV4pCCoAfIAQmpAuQaiiddcbM-qAMBqgSVAk_Q2VRLL4b23HUIMqaCovOlKJRwBpcmLHIhvbe2pVzZyc59e69eBUtj8j7UFgsdZ4iX4OyHABIBcsL4-nVrWk0E0OatSeFkIgT_ADvia-ek6BuRdmvnr7YwGhTgVLzWCvZv-MKn7hN5ay7ZrXCiaUkuDQOE7pYHqpOr3oa4Hn_u_7NF6INzsbm1pU2biK2bizBbD__qS1GQlnbp69BSE6wQyASQXpiXVNmkA-trFNlKqhI2-icEW36_Erl8axSXCcTN9CPNL9Fv7c-z64Xq13NjYWo9tlUU6LyXs91SU9kx4lwYODTvnbz0Nq_KuPN7i9Cn8yOvPSIzrGzqWNsia0UkIqYK5X_2wxUKHby6Rf75DloAsX3ABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoFOmyYbADMZzuC95bVCZ17soWUw%26sig%3DAOD64_3WSO6kAtWku3Q9HPWUjcfLnX9ktg%26client%3Dca-pub-6272874513322487%26dbm_c%3DAKAmf-Cc3DNCyIF-ZFuNDbHzW8AqM34S7JKrRER-_8g0UWNKyf8W-wU7z0647-KX3IOOSEcdNKUNEtQu0kVKwbMO9SJ6P4zr88iS0d23iKcqzg4GT8TaZFJ9g6_XuQ0RZnS5eddx4PtJYyYJUA95cOGXLMW4Fdq2bw%26cry%3D1%26dbm_d%3DAKAmf-BddLsz3GMqVdSPagvyGql4KrztP7hJ7Oc67f4b9q8vK9NnehZY0__jPhTXsySASRHRIQ4xOLGabdb49kykLq_ms1VoPriPH05CqndI-JIJ-vw1q4UmS6qeIki2fkBDRP1m870Yhf7SboM3oVCcGGcYmaxKSbUfgjyra85ZGy6QkOZ5FGMxJhhss-Lx_-A60kRf6QEb9PRi7_0jrYySQNM2WNxVfrRQkTN-WIDL2WrbWhiV8jKhIMQe2Pwb5yZ9iCpqbjNT6rkbEWJuiYBYK2wU1FC_npn3yD_UNrDVmXxK_LP9Q7V7srankgNwnVSLIwzlKv9mjT6soH9wR_mJfG8cnvueuTaOenIg5YLtH5uJ_lDiriEggb3hY7ufcwWGblwYeXFqVXQBcbuEZTThSOqwXn7D5X4cY-behCdMzSjuAQGdvNSKMlVbBEgZrGrCEe8-VCa5%26adurl%3D&documentReferer=https%3A%2F%2Fwww.nyasatimes.com%2F&ancestorOrigins=https%3A%2F%2Fwww.nyasatimes.com&random=5648909947885&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e84a512a5847981fd67330bb0ecb081f3d93d3ea11de93d8f5c9f6a438229123

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

Date
Tue, 09 Nov 2021 04:55:39 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 09 Nov 2021 04:55:39 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2097
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame 560D
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=19350300013651700710584011773022
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=19350300013651700710584011773022
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:59:47 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Tue, 09 Nov 2021 04:55:39 GMT
Server
nginx/1.17.5
X-IPLB-Request-ID
B9D59BA5:C176_91EFC182:01BB_6189FF4B_6F380C0:2A265
X-Powered-By
PHP/7.2.21
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type
text/html; charset=UTF-8
Location
https://ad-server.eu/wm/pb/native.png
Cache-control
private
Transfer-Encoding
chunked
Keep-Alive
timeout=20
truncated
/ Frame 560D 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52895bdcfd2f2089508c6e5fd4cb4ceafd797d67c4cb183e93764c1476b1a483

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 0B76 		4 KB
650 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=19350300013651700710584011773022&a=007198d4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 02:56:36 GMT
server
ESF
date
Tue, 09 Nov 2021 04:55:39 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Tue, 09 Nov 2021 04:55:39 GMT
/
hal9000.redintelligence.net/scale/ Frame 0B76 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=19350300013651700710584011773022&a=007198d4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ecd1add1790844329ee5df6d91e99e7f9d50ef9dbb1cdb7e0b851f80ae7fed62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:39 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16248
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 0B76 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=19350300013651700710584011773022&a=007198d4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
fa9fe1b309d3dd1e996d1c09c0971a68676dd7ac4ed3a47bda490a5ef31722aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:39 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7155
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 0B76 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/paninishop-nfl-2021-banner-1200x627.jpg
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=19350300013651700710584011773022&a=007198d4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4695dd13af6c56cad7ea6cec23fc24f86935ddadb048108bfaf468abfdeedd9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:39 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
14157
Vary
Accept-Encoding
Content-Type
image/png
AdServerServlet
vid.pubmatic.com/AdServer/ Frame CD8A 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433736608,,&us_privacy=&cb=1636433738610&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:39&ranreq=0.5863647211086438&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433736608,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:39 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
peg_logger.js
singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 42B1 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaf0feabc8ee4333a21f396ddb102bd77de04e83504d24120c0edc7bba4de188
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
76726
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Oct 2021 06:54:58 GMT
server
cloudflare
etag
W/"616682c2-2e24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6ab47335dc703260-FRA
expires
Tue, 09 Nov 2021 07:36:53 GMT
pegtracking_combined.js
singles.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 42B1 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b46d5f663781cd06f6de358326e376dd342ea2a2667cb418e403c8ef3203bda3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
71305
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Oct 2021 09:00:17 GMT
server
cloudflare
etag
W/"6177c3a1-71b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6ab47335dc713260-FRA
expires
Tue, 09 Nov 2021 09:07:14 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame 42B1 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:39 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 22:23:12 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6ab47335f9f1434b-FRA
i
vid-io-cle.springserve.com/vd/ Frame 34D2 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=e2e32b1a&ps_id=356921&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.192.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-192-142.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:39 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 34D2 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433738&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:39 GMT
content-length
0
content-type
text/html
pvClk.min.js
analytics.webgains.io/ Frame 560D 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3432265&wgcampaignid=99582&js=1&nw=1&viewref=19350300013651700710584011773022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified
Mon, 13 Sep 2021 10:14:21 GMT
server
AmazonS3
age
89047
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 08 Nov 2021 05:29:33 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
qBodA-XRrPyVWxjWiyFbUolTLFpGPdxxSaiw4fz_lrxE6D1AucLZrg==
link.html
track.webgains.com/ Frame 560D 		667 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=27302100014361200710584011773009&wglinkid=3432265
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:39 GMT
Last-Modified
Tue, 09 Nov 2021 04:55:39 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/jpeg
Content-Length
667
Expires
Mon, 26 Jul 1997 05:00:00 GMT
eum.min.js
eum.instana.io/ Frame 42B1 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d72fe48350b82bd31bd6c6b8e90811d971f483c9722af13005cb7539a0c0a2fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 2 Nov 2021 12:43:40 GMT
server
cloudflare
age
12137
etag
-1517129700--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
6ab473366f044e07-FRA
via
1.1 google
nvi
singles.parship.de/nocache/ Frame 42B1 		15 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/nocache/nvi?url_path=%2Flp%2Fv00%2F6%2FU%2Fhtlp%2Findex2.html&pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID&ref=https%3A%2F%2F40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com%2F
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:39 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
cf-ray
6ab473363cb23260-FRA
content-length
15
rum
singles.parship.de/cdn-cgi/ Frame 42B1 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/cdn-cgi/rum?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-INSTANA-T
716dfcf747623cee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
X-INSTANA-S
716dfcf747623cee
Accept-Language
de-DE,de;q=0.9
X-INSTANA-L
1,correlationType=web;correlationId=716dfcf747623cee
content-type
application/json

Response headers

date
Tue, 09 Nov 2021 04:55:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://singles.parship.de
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6ab473369cea3260-FRA
vary
Origin
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame EA0A 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C54283961372527544011935234587%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:39 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame CA13 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C54283961372527544011935234587%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87042
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:39 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame EA0A 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C54283961372527544011935234587%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:39 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87042
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CA13 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12961572&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a6cbceea7eda0e507f3a2c7633c052eb79d59890a93ad1bc6f3b9a0638e57ae0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1645
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 5EB7
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:38 GMT
content-type
text/html; charset=utf-8
x-lat
amspug002:2:247
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Tue, 09 Nov 2021 04:55:39 GMT
server
_
dpe
ad4m.at/ad/ Frame 5641 		15 B
915 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 09 Nov 2021 04:55:39 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ab473375c085c02-FRA
bridge
cm.adgrx.com/ Frame 514E 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Tue, 09 Nov 2021 04:55:39 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-7
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame F77D
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2678031625
  • https://sync.1rx.io/usersync/tradedesk/d698b73d-77bd-436e-abfb-366d9d32e243
  • https://sync.targeting.unrulymedia.com/csync/RX-7acde18c-f6c6-4d6a-bf33-3329d6889aec-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7acde18c-f6c6-4d6a-bf33-3329d6889aec-003
42 B
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7acde18c-f6c6-4d6a-bf33-3329d6889aec-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:39 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug010:0:338
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Tue, 09 Nov 2021 04:55:39 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7acde18c-f6c6-4d6a-bf33-3329d6889aec-003
etag
RX7acde18cf6c64d6abf333329d6889aec003
i.match
s.tribalfusion.com/z/ Frame 98A4
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 09 Nov 2021 04:55:39 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ab473387eb65b74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 09 Nov 2021 04:55:39 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
97
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ab473375dd45b74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
141
match.deepintent.com/usersync/ Frame CF0B 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Tue, 09 Nov 2021 04:55:39 GMT
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame D190
Redirect Chain
  • https://core.iprom.net/cookiesync
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:10141410113735
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:10141410113735
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:22:42 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0021:0:328
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Vary
Accept-Encoding
X-adserver-worker
komodo-44e34db7079b@version_1.343rc2
Connection
close
X-server-arch
v2
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:10141410113735
Content-Type
text/html; charset=utf-8
Content-Length
285
X-core-time
0ms
Date
Tue, 09 Nov 2021 04:55:39 GMT
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame AB6D
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=84e54cc0-0f5b-40ac-a93b-e207a6b04de3-tuct88384cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=84e54cc0-0f5b-40ac-a93b-e207a6b04de3-tuct88384cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Tue, 09 Nov 2021 04:55:39 GMT
via
1.1 varnish
x-served-by
cache-hhn4069-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1636433739.436530,VS0,VE9
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=84e54cc0-0f5b-40ac-a93b-e207a6b04de3-tuct88384cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Tue, 09 Nov 2021 04:55:39 GMT
via
1.1 varnish
x-served-by
cache-hhn4069-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1636433739.412935,VS0,VE9
x-vcl-time-ms
9
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame CA13
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6956644907051674345
42 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6956644907051674345
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:38 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:313
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:39 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e5d281df-c383-4960-a3dd-e8aae47bad94
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6956644907051674345
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame CA13 		35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
t
t.lkqd.net/ Frame 0558 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:39 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:39 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=2168745486402461&bg=!HR6lHlrNAAYH3anuB907ACkAdvg8WhE1feC_QeJWZpBOXm0w_5rcEYiQmUNkU4FNKWxe7AGb5V_Y-wIAAAB8UgAAAAloAQcKAAKaqZkCyDWcO9T65o4gUDpGYfenmVlZKN12RgQwMS7kW2piY6JrY9Xv5TvYfEoYP5iOSwT1ouW8VnaT3AHH6AfyV5RA5vazDhkcKDluQ1AT5B1PhDyowLbR0ve03-yW-_Ys9nKpjQlqv27H6ZtychOb74nxYlB9PhaZhV922SlkiEetI3CVjEOpPaGlURYB4-4EWCoN4eXxK6-A-8zK31K05iOeZEajDt4lvankZbYUgxg0L9cBrbkVk93SaCVcbjXtS3-on7PJTzWZ7FCcis0JjptWBHfWl5kajC03qKwRPcGFPqoHGaj5nG4-YQm0ItKKHpZytlUX5AdJ_Cii6-56FHAPfYIjHwHy5Z7gNt2OKCHRmnmM_z7MZgdPt56ksoCnodkZK708LgSCZPi6kYrEX3UNuUKCe1Ua-iB9PCPgRki0t--xW64dCE3e7aViw5uVKf5KS9ol8L48KNvRuOIxNBY2mhwMNLBJsOes5XpR9Bgz0O0omxvR06_xG63Ed9mrvbhql8BdClHAh9h_1TCg723XmwMSHHbvnt2E3RfKGsfnz8AcDqAxmKwNSAnnrgpPod767YbavwElyDlZH1Zxt8UNRFmr72rddh_9TFXX4NRwkFb6z__kETTRx-BgEzRglShWmCNBwzhSZUB0J90ZIYbjcVPJw4opow4_oVadsitQ7zEULJ0ej2jy5tDRPZe5kjHjnKLQgT0m-rbjsnVzc3kcAnOp1ABaH1k45rQe_w_ISiHBu99S4KMlmZk51dM24ZPA4HXILp_CuVfTyQKjaVpxIzXh3gIW2zyeVj-I2ze1BcsP9Gvt20TwsuH-kcub_of9tdmjjEoikrekeLPoRGGSEi2Mc00aRkirYRVazF6d36dL7I4hyxv_xa5h2hH45wiGcZIO5aGYvr4yHixG7Fdoxjj0ZCmYyz2NcvySB9wwguLio-3WvugLwq8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3C29 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6o45tMWW1t9sm92768G19BrM9XksG1hT9N5X-mQdsGaxu7LQZv-1GFMrBVqAx6toggKCeP-4kEwJRS3QWyvuy1VTSxzRmP1iFv8N9G2B_aU032qx6Wg&sai=AMfl-YSAuJTF7BfwZK4Umi4rLuFrxAlDX0LelTpZUp7BmbPU3Q6L7kofGgd_fbkTpI5MR3fzY1tkH7BF1qn7ZkBz22Je08ClHjEdcPcRoG9pIfH0HxFcBHceIxxBFz8ma6Y&sig=Cg0ArKJSzC7AQjHq1t-IEAE&cid=CAASFeRoZtYQO9Lksh31CHQ8Skf30nfd1g&id=lidar2&mcvt=1000&p=528,436,618,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=116743872&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636433737004&rpt=1659&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame EA0A 		27 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C54283961372527544011935234587%2C%2C&us_privacy=&cb=1636433739331&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:39&ranreq=0.05988319553239285&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C54283961372527544011935234587%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:40 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
cookie.js
partner.googleadservices.com/gampad/ 		12 B
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.nyasatimes.com&callback=_gfp_s_&client=ca-pub-6272874513322487&cookie=ID%3D794056464356ba8c-22ee49fb40cb0076%3AT%3D1636433736%3AS%3DALNI_MZxGv2IOQA2RS0JcD_TPrlKHt_CvA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=www.nyasatimes.com&bust=31063682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		0
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nyasatimes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=www.nyasatimes.com&bust=31063682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3D10 		269 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&adk=1812271804&adf=3025194257&lmt=1636433740&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433735654&bpp=4&bdt=3262&idt=4413&shv=r20211103&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D794056464356ba8c-22ee49fb40cb0076%3AT%3D1636433736%3AS%3DALNI_MZxGv2IOQA2RS0JcD_TPrlKHt_CvA&nras=1&correlator=3787691824628&frm=20&pv=2&ga_vid=1514767491.1636433735&ga_sid=1636433736&ga_hid=803458727&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063355%2C31063682&oid=2&pvsid=2168745486402461&pem=902&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=4433
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=www.nyasatimes.com&bust=31063682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a551f5b31132be14d4c38234239a6d1efde22844860665cb93fdc96aab90a081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 09 Nov 2021 04:55:40 GMT
server
cafe
content-length
66329
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame B374 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C6240666375428396137252754401%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:40 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
track
aktrack.pubmatic.com/ Frame EA0A 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433740&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:40 GMT
content-length
0
content-type
text/html
tracking-event
api.webgains.io/ Frame 560D 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.21
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Nov 2021 04:55:40 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.21
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 09 Nov 2021 04:55:40 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
showad.js
ads.pubmatic.com/AdServer/js/ Frame 25C5 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C6240666375428396137252754401%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87041
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:40 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame B374 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C6240666375428396137252754401%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:40 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87041
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js
pagead2.googlesyndication.com/bg/ Frame 6AD6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 19:22:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
34403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13338
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 19:22:17 GMT
t
t.lkqd.net/ Frame 0558 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:40 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
viewability
hal900022.redintelligence.net/ Frame 0B76 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900022.redintelligence.net/viewability?s=19350300013651700710584011773022&a=d5cadfd1&vb=m
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=19350300013651700710584011773022&a=007198d4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/request_content.php?s=19350300013651700710584011773022&a=007198d4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:40 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 0B76 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900022.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 21:28:54 GMT
x-content-type-options
nosniff
age
372406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15948
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:32 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 04 Nov 2022 21:28:54 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 0B76 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900022.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 11:16:30 GMT
x-content-type-options
nosniff
age
149950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 07 Nov 2022 11:16:30 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame B374 		27 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C6240666375428396137252754401%2C%2C&us_privacy=&cb=1636433740147&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:40&ranreq=0.27269315411650386&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C6240666375428396137252754401%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:40 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame C021 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C5428396137252754401925154198%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:40 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
track
aktrack.pubmatic.com/ Frame B374 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433741&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:40 GMT
content-length
0
content-type
text/html
showad.js
ads.pubmatic.com/AdServer/js/ Frame F4A0 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C5428396137252754401925154198%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87041
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:40 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame C021 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C5428396137252754401925154198%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:40 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87041
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F4A0 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93424434&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
661ff67f331d063bd112283b929493a35e3e617468bfcc0a0b9d49e4756c353b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1048
content-type
text/html; charset=UTF-8
usersync
match.bnmla.com/ Frame 751C 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.158 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Tue, 09 Nov 2021 04:55:41 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame F850
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:4C5nLrAO1MKjaA5&gdpr=0&gdpr_consent=
42 B
496 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:4C5nLrAO1MKjaA5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:22:44 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0021:0:2994
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Tue, 09 Nov 2021 04:55:40 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:4C5nLrAO1MKjaA5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
image2.pubmatic.com/AdServer/ Frame C6A9
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=XzC0w1dATbi0qnhrI2GqXyVn
42 B
373 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=XzC0w1dATbi0qnhrI2GqXyVn
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:40 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug016:0:439
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Tue, 09 Nov 2021 04:55:40 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=XzC0w1dATbi0qnhrI2GqXyVn
strict-transport-security
max-age=0; includeSubDomains;
Pug
simage2.pubmatic.com/AdServer/ Frame 8CFB
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5B494D62A10C4AC6B237AE512971C575
1 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5B494D62A10C4AC6B237AE512971C575
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:40 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug002:0:352
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Tue, 09 Nov 2021 04:55:40 GMT
content-type
text/html
content-length
138
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5B494D62A10C4AC6B237AE512971C575
expires
Mon, 08 Nov 2021 04:55:40 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
simage2.pubmatic.com/AdServer/ Frame E4AE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BUmmYzgbTfZDbmXiysfiCrnVm6U
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BUmmYzgbTfZDbmXiysfiCrnVm6U
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:40 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug013:0:400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Tue, 09 Nov 2021 04:55:41 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BUmmYzgbTfZDbmXiysfiCrnVm6U
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame F4A0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=49ea1cb4-4119-11ec-9dfb-3f0efd89842f&gdpr=0&gdpr_consent=
1 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=49ea1cb4-4119-11ec-9dfb-3f0efd89842f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:41 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:428
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=49ea1cb4-4119-11ec-9dfb-3f0efd89842f&gdpr=0&gdpr_consent=
Date
Tue, 09 Nov 2021 04:55:40 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
49ea1cb5-4119-11ec-9dfb-3f0efd89842f
t
t.lkqd.net/ Frame 0558 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:40 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
a-Nyasa-Times-pic-3804.jpg
www.nyasatimes.com/wp-content/uploads/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/uploads/a-Nyasa-Times-pic-3804.jpg
Requested by
Host: 3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com
URL: https://3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bd00b2681ba5cf15016290fb3c65a7d1868a7b890a4c544847ee207999d5e80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15022
cf-polished
degrade=85, origSize=112592
content-length
61307
last-modified
Fri, 01 Mar 2019 14:57:39 GMT
server
cloudflare
etag
"5c794863-1b7d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkiSgPa3Cug9Luwr0%2FshubonpgDtC7wQ8xTMMpC966g68BruGJpcg7uxfSNqNAlsCCvEyImrBf9D34ALIvr19E7YlNPL%2BjhBaCHvcNjOcNZ%2BFAvBTz2khhMcOLvvfeKL0IwdSE9hIpmheQowmvw2bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ab4734098dc05e9-FRA
cf-bgj
imgq:85,h2pri
AdServerServlet
vid.pubmatic.com/AdServer/ Frame C021 		27 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C5428396137252754401925154198%2C%2C&us_privacy=&cb=1636433740772&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:41&ranreq=0.1094379231538849&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C5428396137252754401925154198%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:41 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
/
eum-eu-west-1.instana.io/ Frame 42B1 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.44.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-44-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Tue, 09 Nov 2021 04:55:41 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:41 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
t
t.lkqd.net/ Frame 0558 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:41 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
track
aktrack.pubmatic.com/ Frame C021 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433741&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:41 GMT
content-length
0
content-type
text/html
v2dpr3s6w8XqBfiwmHOdLbax8-094EuAX4rUf2Cgx9Z73tvXfxWPKFOwR9cflGU0PtDEDGvO6Iri-kqYivOEh7_q-7tRcCnkxv2hu0cgfSMaRDqxzHge_iR3rmOznEyD4Uuxj0vQjDmnd9A
steadfastsystem.com/ 		139 B
222 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://steadfastsystem.com/v2dpr3s6w8XqBfiwmHOdLbax8-094EuAX4rUf2Cgx9Z73tvXfxWPKFOwR9cflGU0PtDEDGvO6Iri-kqYivOEh7_q-7tRcCnkxv2hu0cgfSMaRDqxzHge_iR3rmOznEyD4Uuxj0vQjDmnd9A
Requested by
Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2/0/otbsIu5B1ADm6WfVcR8Zc-iCydrinBppxVUROdXidoTBwND7orK255k9qWkc4OMCrnAaQRGw2U_34risbp8QI6bKAjw1UZplpM-c2QtQovHZdOw4ENyP1ir3Lxy71qmrlzdvynk_Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.90.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ae052538c77b3ad803c527650dc40dcfc81f3585654906cec5c6957c538a883d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.nyasatimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Tue, 09 Nov 2021 04:55:41 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
e00eae1c
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
139
expires
Tue, 09 Nov 2021 04:55:40 GMT
v2dpr3s6w8XqBfiwmHOdLbax8-094EuAX4rUf2Cgx9Z73tvXfxWPKFOwR9cflGU0PtDEDGvO6Iri-kqYivOEh7_q-7tRcCnkxv2hu0cgfSMaRDqxzHge_iR3rmOznEyD4Uuxj0vQjDmnd9A
steadfastsystem.com/ 		139 B
172 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://steadfastsystem.com/v2dpr3s6w8XqBfiwmHOdLbax8-094EuAX4rUf2Cgx9Z73tvXfxWPKFOwR9cflGU0PtDEDGvO6Iri-kqYivOEh7_q-7tRcCnkxv2hu0cgfSMaRDqxzHge_iR3rmOznEyD4Uuxj0vQjDmnd9A
Requested by
Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2/0/otbsIu5B1ADm6WfVcR8Zc-iCydrinBppxVUROdXidoTBwND7orK255k9qWkc4OMCrnAaQRGw2U_34risbp8QI6bKAjw1UZplpM-c2QtQovHZdOw4ENyP1ir3Lxy71qmrlzdvynk_Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.90.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ae052538c77b3ad803c527650dc40dcfc81f3585654906cec5c6957c538a883d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.nyasatimes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Tue, 09 Nov 2021 04:55:41 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
e00eae1c
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
139
expires
Tue, 09 Nov 2021 04:55:40 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3C58 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 08 Nov 2021 11:10:41 GMT
expires
Tue, 08 Nov 2022 11:10:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
63900
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 		147 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/reactive_library_fy2019.js?bust=31063682
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=www.nyasatimes.com&bust=31063682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9d1ed41d979c9ee7a526fdff3b7c448ef682a7b55d158818b6483fc4f6e6647
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53468
x-xss-protection
0
server
cafe
etag
5727780426103389470
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 04:55:42 GMT
ad
v.lkqd.net/ Frame 239D 		22 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=81169085&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
81fe6ecafb7561bb6d3c764522fe2ce0273f1a2f9ffaa90e5bf5c832b1a1cebb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:41 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
22
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 4CD2 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:42 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:42 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
ad
v.lkqd.net/ Frame 239D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=12657283&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
f3d3a396d62c2ea67bef71b2316d7d7e1000b096c0c31486eaa001225c81a1d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:42 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1355
vpaid.js
ad.lkqd.net/vpaid/ Frame 4FE8 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:42 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1636433742.cds125.am5.hn,1636433742.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame 23A1 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 09 Nov 2021 04:55:42 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1636433742.cds125.am5.hn,1636433742.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 4FE8 		97 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=12657283&m=&rtv=1&thost=www.nyasatimes.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
b772df7ba96adfcb6e5a28d11a68d0f5755b9e31e5b7049932dcac04a21eeef9

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Nov 2021 04:55:42 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
6265
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=12657283&m=&rtv=1&thost=www.nyasatimes.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:42 GMT
content-length
0
access-control-allow-origin
https://www.nyasatimes.com
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
cs
cs.lkqd.net/ Frame 23A1 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 23A1 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 23A1 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 23A1 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 23A1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
pragma
no-cache
date
Tue, 09 Nov 2021 04:55:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 3D44 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:42 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:42 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
/
adx.adform.net/adx/ 		65 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.nyasatimes.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:42 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
218945
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.nyasatimes.com%2F&cb=1395738562&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C108352182663142103051177437%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:42 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000266
X-SpotX-Timing-SpotMarket
0.007697
X-SpotX-Timing-Page-Mux
0.000241
X-SpotX-Timing-Page-Require
0.000396
X-fe
007
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
Content-Length
77
X-SpotX-Timing-Page
0.012256
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000304
Last-Modified
Tue, 09 Nov 2021 04:55:42 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.007697
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.nyasatimes.com
X-SpotX-Timing-Page-Misc
0.003318
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=281314111&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=438421307&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=255950650&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
/
adx.adform.net/adx/ 		65 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fwww.nyasatimes.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:42 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
vadtag.html
vpaid.pubmatic.com/ads/video/ 		991 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C1083521826631421030118426251%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
38e656377a45f557236ec4ad663f83221afdb207487805e384b52694973ac9d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:42 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Tue, 09 Nov 2021 04:55:42 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		991 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2713954881083521826631421030%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c84a6ae821ae828041a000d3e1dd0d14490d718a6cd449aa740b11e8199776a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:42 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Tue, 09 Nov 2021 04:55:42 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		991 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C1083521826631421030929664512%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4a8d4f63025198366db263f67c81ef5c294be5c2b7448ddfef7aaf7f512ec98d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:42 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Tue, 09 Nov 2021 04:55:42 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=371064161&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:42 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
t
t.lkqd.net/ Frame 3D44 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:42 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 4FE8 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_d700fabb.js
vpaid.springserve.com/production/ Frame DF00 		494 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_d700fabb.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7a00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01f62119d738e56887c7298650396be3edc28f9bd4b64af4c496048183172630

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 15:21:15 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 15:00:52 GMT
server
AmazonS3
age
912868
etag
W/"00394b9cabf75acc9a4061ae555e3473"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
d9GrfLXC8YfHlZsesAknARZE5fpkBKmTvgqT4u5EjEfyxruxDlDbnA==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame DF00 		962 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433742316,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
eb1b5b489f5a7ea6bed2f96fc0b1ab2ce988165232678aa8355ce4a119e4c950

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:42 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
589
expires
Tue, 09 Nov 2021 04:55:42 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame DF00 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame DF00 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d7ccdbeeef496b6070db7d13dc69669cbc6041d914c32f3ab4ecf3e01823e38f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:42 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c8733c4c-97a0-4abc-9b35-3068d23c08b8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame DF00 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
2a6184b6a38bda06bcfec605b4585b4129838276a06670aa0294d188541f68c4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:42 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5de7b22f-1a88-4347-b6e0-c5b245579e75
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t
t.lkqd.net/ Frame 3D44 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:42 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:42 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame C0C2 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433742316,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:42 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 37DA 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433742316,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87039
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:42 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame C0C2 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433742316,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:42 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87039
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AD6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOCJgSf-JYbXOLKyL9u8Pg_GW4A8AAAAAOAHgBAI&bg=!kZKlktbNAAYH3anuB907ACkAdvg8WmxPrVdM4pc1Fdt1g7w_j_PkBMdJgW_pBGg7yySgcvMBGZwhEAIAAABOUgAAAAtoAQeZAvTfd-zG46G-poYDhRcd6MYCrlh580ZERMQXLL-4cLUZkccO30yV9a0HUt6MbUJCZsK_SyvrrjjknqFjZZgVpePsB-NJuRxFKnj4AK0Z5RFMy1yWbhhAyWQv591QYhieggmHB6O4U0e4-vFxwGLcLGiALZaOuYqK8mI59UPVRlvqOYMBstFhAhSOlqvlPxsvsMlFA5AAHUtwo5XYDi_3qBjDid66ctsnnNNivOz-jLjACFtdGdKiOdjiLAOYjFLjlM0mCCbuZo2orUgSeXsmrPOo2zegIzgJ3bM08HZo3AQ9KocTrMUCTebHFHzFyV8ud7Jl2cqDfDAu34OvR5oZuTvKCFPdK55-lRG0CwBDOrBNlU8qZkQ6U99oCmtL8IriWWjGsGYgcc9BqQmXpQGMYhHTBkusc67CqQjJhIu_N9JhJgI6iA--jiMF9spUE7MFRx5cZRRyU6JCT_hHjcqiXjEA_3AiJS6xuL27N0Rlk4euHRWhTFc1PmllyMkxY5tceB--EgekZrPuJHOCI46yS8xCJhrKbhVtiDpNW0OjLI4zQ86R-AABwiqbPSHfT9XSp8U7nfYjlaOw-gP3JFMGaFgj1F3l07o28ST1d3UZz2G4_oVklN0iVVh7VFqteQ3t1ls219Z7xVbZStoG4h_vjHPZcv9FzqttfVW-QMwviVZ32TIIqU-gAlquWewiTfDAtmAb5y5EkDiuGj9pnqv22ItOEbd3VyzQQvIkdjUrbBb3SSXxg31ZlGQ6hGHukrw9OTVSpJj-t5kU6UybCJFOE-3toJgo2qhbDdsL3ogikMRbhtfBMg89pJsdo9UomsvThVo66AnI2OlLcQsbVymXVGiar0-yvALTFUAisoRm01n5kP8nTkXRG_8xY4i7AnYmgs5dQtNGaDrcJBjVqkuE3cj1WKSDlaWAL1YaKlOWt3SWEba9Jr-x6QlPWvi4xAdlWpi65F4fSAIYNxVfr-pH4U9k_StZkF4rXrrKttqOP4xNz0dEWZQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 37DA 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14202424&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/ Frame C2B1 		267 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ef8f450e55451de3da1e6ec1d6a883e42112841adcdedbb2d6da5d926b67c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97992
x-xss-protection
0
server
cafe
etag
6769920751861283988
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 04:55:43 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame C0C2 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433742316,,&us_privacy=&cb=1636433742573&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:43&ranreq=0.40315336139691693&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433742316,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:43 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame DF00 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=945da3be&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.192.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-192-142.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:43 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame DF00 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433742&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:43 GMT
content-length
0
content-type
text/html
vpaid_d700fabb.js
vpaid.springserve.com/production/ Frame 9677 		494 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_d700fabb.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7a00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01f62119d738e56887c7298650396be3edc28f9bd4b64af4c496048183172630

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 15:21:15 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 15:00:52 GMT
server
AmazonS3
age
912869
etag
W/"00394b9cabf75acc9a4061ae555e3473"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Xogez3XX18GFmFEg1EO-Ic02PlgCRlZsTJ8oP1G8xRTveF0yCbCihA==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 9677 		962 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433742316,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
edc812c34046a0951b7d3a30248a93557654dc642ee72012132aa4ab9576d367

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:43 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
589
expires
Tue, 09 Nov 2021 04:55:43 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 9677 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 9677 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1da9e15814a2704f91c84e357989a65e797ae245b8added64673b88c27638add
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:43 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f4636710-bcbd-44a9-bf21-edca5e373636
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9677 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a324dc96faa573de36a262d7928faac4a6ae30ff784a958d356af5d4d064d262
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:43 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8ae11309-dd07-4b3d-8fc0-f3f09392ad19
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t
t.lkqd.net/ Frame 3D44 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:43 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:43 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame A0F5 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433742316,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:43 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3AF3 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433742316,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87038
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:43 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame A0F5 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433742316,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:43 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87038
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/ Frame 6C8C 		267 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ef8f450e55451de3da1e6ec1d6a883e42112841adcdedbb2d6da5d926b67c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97992
x-xss-protection
0
server
cafe
etag
6769920751861283988
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 04:55:44 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/ Frame 40B1 		267 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com&bust=31063681
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ef8f450e55451de3da1e6ec1d6a883e42112841adcdedbb2d6da5d926b67c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97992
x-xss-protection
0
server
cafe
etag
6769920751861283988
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 04:55:44 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame A0F5 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433742316,,&us_privacy=&cb=1636433743357&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:43&ranreq=0.5484194776506954&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433742316,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:43 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame 9677 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=79c96c46&ps_id=356921&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.192.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-192-142.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:44 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 9677 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433743&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:43 GMT
content-length
0
content-type
text/html
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 4CFF 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C1083521826631421030118426251%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:44 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame C564 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C1083521826631421030118426251%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87037
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:44 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4CFF 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C1083521826631421030118426251%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:44 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87037
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
t
t.lkqd.net/ Frame 3D44 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:44 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:44 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js
pagead2.googlesyndication.com/bg/ Frame 3C58 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 19:22:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
34407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13338
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 19:22:17 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 4CFF 		27 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C1083521826631421030118426251%2C%2C&us_privacy=&cb=1636433744107&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:44&ranreq=0.4393002648950246&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C1083521826631421030118426251%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:44 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 6CBC 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2713954881083521826631421030%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:44 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
track
aktrack.pubmatic.com/ Frame 4CFF 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433745&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:44 GMT
content-length
0
content-type
text/html
showad.js
ads.pubmatic.com/AdServer/js/ Frame 68CA 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2713954881083521826631421030%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87037
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:44 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6CBC 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2713954881083521826631421030%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:44 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87037
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
t
t.lkqd.net/ Frame 3D44 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:44 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:44 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 6CBC 		27 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2713954881083521826631421030%2C%2C&us_privacy=&cb=1636433744720&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:45&ranreq=0.7567620752842512&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2713954881083521826631421030%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:45 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 0C6E 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C1083521826631421030929664512%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:45 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
track
aktrack.pubmatic.com/ Frame 6CBC 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433745&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:45 GMT
content-length
0
content-type
text/html
t
t.lkqd.net/ Frame 3D44 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:45 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:45 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
showad.js
ads.pubmatic.com/AdServer/js/ Frame C92D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C1083521826631421030929664512%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87036
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:45 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0C6E 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C1083521826631421030929664512%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:45 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87036
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nyasatimes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=www.nyasatimes.com&bust=31063682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/ Frame 0402 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=www.nyasatimes.com&bust=31063682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 08 Nov 2021 19:01:06 GMT
expires
Mon, 22 Nov 2021 19:01:06 GMT
content-type
text/html; charset=UTF-8
etag
2948287274155451234
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4905
x-xss-protection
0
age
35679
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/ Frame 4A4D 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=www.nyasatimes.com&bust=31063682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 08 Nov 2021 19:01:06 GMT
expires
Mon, 22 Nov 2021 19:01:06 GMT
content-type
text/html; charset=UTF-8
etag
2948287274155451234
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4905
x-xss-protection
0
age
35679
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C58 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B02bsSf-JYbrBKtb4gAfi9orACAAAAAA4AeAEAg&bg=!RkWlRQHNAAYH3anuB907ACkAdvg8WgzfLQoN_KRt7W3eOKpy84nZkRl9SZg4U-LaCsYppLP91dLaxgIAAACBUgAAAAtoAQcKAD2zCy4hoq2lHW0sOWdZGvNw8w8drsDGCHicV74OCPs04bZMukJDm5YzrnSvsFeG1t_zak39gRk2lRwku7b0mQL4NvQOS2nU0UCAqJ1U6FsvJq03wN14lIC7ACgasA9_7FknD5TI1J6eKkog9bOF2Ewro9rYMfL1cHrlsxQnc7oSoDRpWJ5dI7Oi87TgceznEw7nMc4RlgI4cbqqDaQDhBckGN_opwgwUyH_jmqIBnU1pODaU1r8ocjUszqpDMw9NDDt3SvMLmYcrcV2niYk5_VIy4za5xr9QZkJvkWc77D6nDmMens4GAblBF0kn9dvI2m_epQ_sacCYhPEGPmEshy6iM-W46lQc9Cvt4elyt-1DsWRS5Lfk992Xt8D46HDVehZFhrLZNnrFLSYDL0u0stj2SpWtQpFfuie4kKzcIw8HNzz5ewFW_OXBeJxo_rVMdvRQDBIOuHiybyhYUsbwHTEN7rCw-f-APViShDLJEf52FucTdA-eTCMbZ3KqlBQfzp9w2-buuYCe7K0xWXsiGQxx8CxpSbpHp6IaA-C-s1yOJpnmBcdWf2gCuzm7JxK2u1OAtoPidLgPlX6cWVKHQdLkAl9S2xaDsCOHfD83HUtJGdw6n-ad35auDfXtQh6a19rs09Jg-YxZa3POBA_XfnUztUakxOBGMxbgrlVbDIrde5mX2Fa5v26r9ZnmW27rCkzyQnNAmPY1tRyN8iqMpmvAbOkkvap5hYTIjqKd9XZHcrSE_PwCLzYJtNaLxNcvJtPMjK2LH9CpLhTTSNOxTFRKUrlxkLUZdXirK4OF2m1kARqTkM57LueWJ1OAJFVoZp-SxcCi8gwvTt4dxV1TGa9fbqzPaKca3k-tyPuUyKcaXYzJ_Kk5ZK9Zbt_UvDtU3jeUMyj64ufYD9s8KXs0TeQSK4STHVho5IhffDIIOjdWOSjkkeuizJWt7L7cYhU5YZIwYoEghbuyriD5u-onUsGUQzWIEBHw0c6gUnd14j_xmKSUiP-9ZUvVeHzRbykF3MnjvLYZKxeC8l4gfBz6wl6wr47IxCJq53sBU21tSY_0N7kgsnEkHlezwwtOmoj_y_cbNLJnTXdvA
Requested by
Host: 40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
URL: https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 0C6E 		27 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C1083521826631421030929664512%2C%2C&us_privacy=&cb=1636433745339&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:45&ranreq=0.9192440675828948&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C1083521826631421030929664512%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:45 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
1x1.trans.gif
www.nyasatimes.com/wp-content/plugins/lazy-load/images/ 		42 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/plugins/lazy-load/images/1x1.trans.gif
Requested by
Host: 3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com
URL: https://3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34200
cf-polished
status=not_needed
content-length
42
last-modified
Thu, 13 Apr 2017 10:28:12 GMT
server
cloudflare
etag
"58ef52bc-2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FT8lg3KNBfCRsM3uWV4gxZ3ZXEeESx3uRH6uHaRzHyjYaSr4JxhmlabBV%2FjXWABl2%2FOnhDkyeOQ99ZdyngIzh0EgLm41CDS2m4ndJBB7zkiAUfVrGOesOhGlihNvJfALVOo9S76v1M4KHvr7KRtp1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ab4735fdb5e05e9-FRA
cf-bgj
imgq:85,h2pri
t
t.lkqd.net/ Frame 3D44 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:46 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
track
aktrack.pubmatic.com/ Frame 0C6E 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433746&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:45 GMT
content-length
0
content-type
text/html
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:46 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
9703f06907c5d574db4d8eade29cba29.js
www.gstatic.com/mysidia/ Frame 4A4D 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9703f06907c5d574db4d8eade29cba29.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
b1ea339daaa89b586a011d5bd1950ac69401da87ac9b364d631847cf3e2cd7ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 05:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3339
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 04:53:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Mon, 31 Jan 2022 05:32:01 GMT
8a67d772edd96b36f2855b74b7c31d82.js
www.gstatic.com/mysidia/ Frame 4A4D 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8a67d772edd96b36f2855b74b7c31d82.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
d7a6c57be84a2088f7cdfd0d3a289ced1e5097cc8a6ced0de0185d4943267f52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 05:17:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
430718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3479
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 05:34:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 05:17:08 GMT
css
fonts.googleapis.com/ Frame 4A4D 		3 KB
580 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 04:44:56 GMT
server
ESF
date
Tue, 09 Nov 2021 04:55:46 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Tue, 09 Nov 2021 04:55:46 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 4A4D 		2 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:35:03 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 4A4D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:51:27 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 4A4D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
603
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:45:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4A4D 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 4A4D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1222
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:35:24 GMT
l
www.google.com/ads/measurement/ Frame 4A4D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_uTR_TaqaCPzOw7aEd0SOf55kHe2_NIeoBYuYiR18b6xuCSJLzfRdS8qTMt88QKoZ8Cf1ktLYcelCE4qsrEuUfGRV-w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
5193475774055ccce470a7af02e48ef6.js
www.gstatic.com/mysidia/ Frame 4A4D 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5193475774055ccce470a7af02e48ef6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 05:32:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11340
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 04:53:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Mon, 31 Jan 2022 05:32:03 GMT
css2
fonts.googleapis.com/ Frame 0402 		4 KB
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 04:52:46 GMT
server
ESF
date
Tue, 09 Nov 2021 04:55:46 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Tue, 09 Nov 2021 04:55:46 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0402 		205 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 23:46:23 GMT
x-content-type-options
nosniff
age
18563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 08 Nov 2022 23:46:23 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0402 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 16:17:08 GMT
x-content-type-options
nosniff
age
131918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 07 Nov 2022 16:17:08 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 0402 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6e53c942b19db58c2d7f74fd56324abaaa5624df6aa559aaab50c56d13c69f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 03:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8166
x-xss-protection
0
server
cafe
etag
3013067873597081824
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 03:22:24 GMT
/
eum-eu-west-1.instana.io/ Frame 42B1 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.44.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-44-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Tue, 09 Nov 2021 04:55:46 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
css
fonts.googleapis.com/ Frame FCB6 		3 KB
580 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 04:53:09 GMT
server
ESF
date
Tue, 09 Nov 2021 04:55:46 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Tue, 09 Nov 2021 04:55:46 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame FCB6 		2 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:35:03 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame FCB6 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:51:27 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame FCB6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
603
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:45:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FCB6 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame FCB6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1222
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:35:24 GMT
l
www.google.com/ads/measurement/ Frame FCB6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2L4pXZziWbmo-8l3WfsgQpXxGxLiebcKVBEYjzAEsF_S_LUJKQZyQJqZo5LjMpxk9oVxcs9TroG7mTsBDAnUuFiRgvg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
5193475774055ccce470a7af02e48ef6.js
www.gstatic.com/mysidia/ Frame FCB6 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5193475774055ccce470a7af02e48ef6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 05:32:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11340
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 04:53:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Mon, 31 Jan 2022 05:32:03 GMT
ad
v.lkqd.net/ Frame 239D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=97504146&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
1d4bf3a31fe934300b0714df8b06ae0571ebcf116eac943f718bd347cf114ea4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:46 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1359
vpaid.js
ad.lkqd.net/vpaid/ Frame 5E79 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:46 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1636433746.cds125.am5.hn,1636433746.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame ECAC 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 09 Nov 2021 04:55:46 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1636433746.cds125.am5.hn,1636433746.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 5E79 		91 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=97504146&m=&rtv=1&thost=www.nyasatimes.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
436a0bfb30895463fa4ee57941ecee6ca3738f93f0dcd735f0ee1fc912f3d4ef

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Nov 2021 04:55:47 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
6268
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=97504146&m=&rtv=1&thost=www.nyasatimes.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:46 GMT
content-length
0
access-control-allow-origin
https://www.nyasatimes.com
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
adview
googleads.g.doubleclick.net/pagead/ Frame 4A4D 		0
17 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CB-1FTP-JYafzBpn03gPs-qf4Ba2DmaBm87GehpwO29keEAEgvv-xCmCV4pCCoAegAcvq08ACyAEBqQLkGoonXXGzPqgDAcgDywSqBPUBT9CVKmmI8PSsAC1gJNCtHA1bW-4ANOLqFUfJWoLedzulUeO9PnlXbkOVMdtT8bG9s6viCK9-c3BfD-4f2ey96_RDMdyUPXXE-EJmJj7-MGDJr9Cq07d-Tq_45bFDcRZQqHvvUDZFVLG0By8eb9vPJoN64QkWkj7TupDDGjOuOZspB4rkNYJwN2OzsOlfLaHqknmz4KGTGbWtqRRKUFNwTokLBS3y7USyHR7xJ3PCSpp0TzDMvitRWd2T0sLpmlgeqLmA3aErPgbdi-Q3Ufafr01nuzhSafp7MyHx1jyZ4ZjrQt-1VwPBpuAeH3ykFbGIqDpbZ3fABO_O56XvApIFBAgEGAGSBQQIBRgEgAehzZbBAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcFEKPe8wXSCAkIgOGAEBABGF-ACgHICwHYEw2IFAbQFQGAFwGyFxwKGggAEhRwdWItNjI3Mjg3NDUxMzMyMjQ4NxgA&sigh=ob78VviZTjE&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 09 Nov 2021 04:55:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cs
cs.lkqd.net/ Frame ECAC 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:46 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame ECAC 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:46 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame ECAC 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:46 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame ECAC 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:46 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame ECAC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:46 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
pragma
no-cache
date
Tue, 09 Nov 2021 04:55:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 7D9C 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:47 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:47 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1287 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 08 Nov 2021 18:26:41 GMT
expires
Tue, 09 Nov 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
37746
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
adx.adform.net/adx/ 		65 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.nyasatimes.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:47 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1427645829&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1285185322&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=866870948&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
/
adx.adform.net/adx/ 		65 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fwww.nyasatimes.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:47 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
vadtag.html
vpaid.pubmatic.com/ads/video/ 		990 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C864018690098919857110650245%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
35c90cc37f55a66b2e533dac9185aefaf626af03b058ed68f9d8db36db10ed82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Tue, 09 Nov 2021 04:55:47 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		991 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2051206655864018690098919857%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adcac19da1b816e1e7936fcc0dac230a7e080da98b3d84d1bd91d3a29ba96ebb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Tue, 09 Nov 2021 04:55:47 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		990 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C864018690098919857152153064%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3c8a3709888f956cc29b6f9ea66500d9ee6bbca1085a6411e54864271d757042

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Tue, 09 Nov 2021 04:55:47 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1483316471&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F662 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 08 Nov 2021 18:26:41 GMT
expires
Tue, 09 Nov 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
37746
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4A4D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11ee782d8f2847e83d0aaf7489c0305c67076a0b10b26b7715e8cd36bddf4ee8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:47 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
t
t.lkqd.net/ Frame 7D9C 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:47 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 5E79 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_d700fabb.js
vpaid.springserve.com/production/ Frame 9020 		494 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_d700fabb.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7a00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01f62119d738e56887c7298650396be3edc28f9bd4b64af4c496048183172630

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 15:21:15 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 15:00:52 GMT
server
AmazonS3
age
912873
etag
W/"00394b9cabf75acc9a4061ae555e3473"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
C7hg3BiJPVdX0_P8_HvHFCS6ana4qcXjVCTFnahnrbxMP-lKjJ-jIw==
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9986 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 01 Nov 2021 05:06:57 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 09 Nov 2021 04:55:47 GMT
Age
1431
X-Served-By
cache-lga21977-LGA, cache-hhn4074-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 13133
X-Timer
S1636433747.247172,VS0,VE0
Vary
Accept-Encoding
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 9020 		962 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433746982,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
7c5568b0b56499e58e2beebe55f286c9e5ddd22b9f3e9cb5a3cd7ed79ffa8138

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
589
expires
Tue, 09 Nov 2021 04:55:47 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 9020 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 9020 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
2830fa9807b2f57b27b92525e11d4d5e25aa07fb5056453bfa69717ce84c94a1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:47 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
472409c5-9f23-4df3-8489-debd6901d4eb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9020 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d54cfdbe1e3f7eff119abf96ff0bab1321b58a166fa906d3c4e692b92779c473
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:47 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0f941e19-f812-4b4d-a455-e3678d6d958d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t
t.lkqd.net/ Frame 7D9C 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:47 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:47 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 5A53 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433746982,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:47 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
pixel
cm.g.doubleclick.net/ Frame 1287
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECYjZ2Tc0xNQULsuOzswr2M&google_cver=1&google_push=AYg5qPI1jhOTjk-lnLKuo0MUIcfYsdAGLIQUGvRd4Vbmw6I0DTSe_ZZZyD...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI1jhOTjk-lnLKuo0MUIcfYsdAGLIQUGvRd4Vbmw6I0DTSe_ZZZyDwNV1x3ar_7daBgqNkRvKLGmKoNtrIQI_4EKKJKnYU&google_hm=O9dQQul...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI1jhOTjk-lnLKuo0MUIcfYsdAGLIQUGvRd4Vbmw6I0DTSe_ZZZyDwNV1x3ar_7daBgqNkRvKLGmKoNtrIQI_4EKKJKnYU&google_hm=O9dQQul4odzISx6YaPrhRQ
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI1jhOTjk-lnLKuo0MUIcfYsdAGLIQUGvRd4Vbmw6I0DTSe_ZZZyDwNV1x3ar_7daBgqNkRvKLGmKoNtrIQI_4EKKJKnYU&google_hm=O9dQQul4odzISx6YaPrhRQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1287
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKuUEMqV6feLGK02yzRHVVy5lNG_dxDfOSZZ-JqME4mwaM5pvE5rlZyfUH3oOshn9Ej-VDeofDlChKjIcJxUNNG9IzhPnU&google_gid=CAESEAC8382M2fNFENlKYHnQQc4&goog...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNP-p4wGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBLdVVFTXFWNmZlTEdLMDJ5elJIVlZ5NWxOR19keERmT1NaWi1KcU1FNG13YU01cHZFNXJsWnlmVUgzb09zaG45RWotVkRlb2ZEbENoS2pJY0...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZV9xTG1zTkdqTnVBSXpFam95QnNQdDV1ajR2X012MlZqMGlpLTF0YlVqZw==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZV9xTG1zTkdqTnVBSXpFam95QnNQdDV1ajR2X012MlZqMGlpLTF0YlVqZw==&google_push
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 09 Nov 2021 04:55:47 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZV9xTG1zTkdqTnVBSXpFam95QnNQdDV1ajR2X012MlZqMGlpLTF0YlVqZw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
sync
odr.mookie1.com/t/v2/ Frame 1287 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBRl7ucdSi0kcexVhxuUzj8&google_push=AYg5qPLF5dVwI_7XNIrNOaGQCwYITgqCDYz_v-aGlHW4b_IkXFDf6nDdI23alhgKY0GA0-blS6WomnRbk7sn1cBd3e8AvxvPXo8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1287
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEN2v0BCUBvuZRM46eS73ot0&google_cver=1&google_push=AYg5qPLQ1kVSQndQgemV-Qh82m0uhE9p_vD4PHWAkE7S45YTKQ6lYQCz3DAAGy0-Zx8i0OFtze76UdB_LGcD5X27iSbYYkF0VZs
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLQ1kVSQndQgemV-Qh82m0uhE9p_vD4PHWAkE7S45YTKQ6lYQCz3DAAGy0-Zx8i0OFtze76UdB_LGcD5X27iSbYYkF0VZs&google_hm=_8jTndW6xWkAUWIVC5CvMA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLQ1kVSQndQgemV-Qh82m0uhE9p_vD4PHWAkE7S45YTKQ6lYQCz3DAAGy0-Zx8i0OFtze76UdB_LGcD5X27iSbYYkF0VZs&google_hm=_8jTndW6xWkAUWIVC5CvMA==
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:46 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLQ1kVSQndQgemV-Qh82m0uhE9p_vD4PHWAkE7S45YTKQ6lYQCz3DAAGy0-Zx8i0OFtze76UdB_LGcD5X27iSbYYkF0VZs&google_hm=_8jTndW6xWkAUWIVC5CvMA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
j5jrdp205i0s8kthcheuoohfuad7r9om
pixel
cm.g.doubleclick.net/ Frame 1287
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qv20G-isSp-kIiJBC84r0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qv20G-isSp-kIiJBC84r0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIrOpgovsplifG1UXANcOSqB3FDNj6KfFnEm6YmL1PhfnX1h7NgvySaQxbu9ncdnCOt2iuo4GxMr1Tv5llk82B9oMNCtCE
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qv20G-isSp-kIiJBC84r0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIrOpgovsplifG1UXANcOSqB3FDNj6KfFnEm6YmL1PhfnX1h7NgvySaQxbu9ncdnCOt2iuo4GxMr1Tv5llk82B9oMNCtCE
date
Tue, 09 Nov 2021 04:55:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 1287
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJzLms53leo2ZB2HTLKSe78&google_cver=1&google_push=AYg5qPI47qf75cyiVZkdD183snaWgw382j81Lo1VmFoMMRGopxvo3qTV8AbctMdRiD6t_6fZNvX...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSTUVHSlEtSi0yRUVU&google_push=AYg5qPI47qf75cyiVZkdD183snaWgw382j81Lo1VmFoMMRGopxvo3qTV8AbctMdRiD6t_6fZNvXwynNRSzVqLYn5-vHmI9Q0AG4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSTUVHSlEtSi0yRUVU&google_push=AYg5qPI47qf75cyiVZkdD183snaWgw382j81Lo1VmFoMMRGopxvo3qTV8AbctMdRiD6t_6fZNvXwynNRSzVqLYn5-vHmI9Q0AG4
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSTUVHSlEtSi0yRUVU&google_push=AYg5qPI47qf75cyiVZkdD183snaWgw382j81Lo1VmFoMMRGopxvo3qTV8AbctMdRiD6t_6fZNvXwynNRSzVqLYn5-vHmI9Q0AG4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1287
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKe...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 1287 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KbhxfSZ71BaE3T5jemWqRyoJDWdyhHu_MhrW7iSML2zZfzB2ZIxMuYdgjFGJ_J3ItnTCKE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame C771 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 20:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
31970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 20:02:57 GMT
async_usersync
ib.adnxs.com/ Frame 9986 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:47 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
52d2701f-70d3-46a5-9a3c-782d31207759
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5402 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433746982,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87034
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:47 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5A53 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433746982,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:47 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87034
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
466606.gif
id.rlcdn.com/ Frame F662 		42 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIqu1c0FiarSDt3bblWi-Gbqat0lA-bpVxGbsQu0MjXGPar8sxf4VngKxXSur7-2j4Be-QY_PGgarzcfqENXXK4N_zmlzc&google_gid=CAESEAC8382M2fNFENlKYHnQQc4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:47 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
sync
odr.mookie1.com/t/v2/ Frame F662 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBRl7ucdSi0kcexVhxuUzj8&google_push=AYg5qPIYrhO8yo5uGtrar6y9AtdfykKn6UE9grRxrIJx45Bz48Mr_xCg5MM_Cz4mNFRNUqvDwm2g8cdzOFa9c4U6Q7Ok6VcwfpKQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F662
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJzLms53leo2ZB2HTLKSe78&google_cver=1&google_push=AYg5qPKftRU1rwPbo8yXNTqXwwMLO67iuJYUhT6gBaTpfkKmihC3pR0UpXmMMGnHWZfCLvXONaM...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSTUVHTEEtMVctNVg4WQ==&google_push=AYg5qPKftRU1rwPbo8yXNTqXwwMLO67iuJYUhT6gBaTpfkKmihC3pR0UpXmMMGnHWZfCLvXONaM4ePlBB1Akw6a7sjIkB3-Ywbkr
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSTUVHTEEtMVctNVg4WQ==&google_push=AYg5qPKftRU1rwPbo8yXNTqXwwMLO67iuJYUhT6gBaTpfkKmihC3pR0UpXmMMGnHWZfCLvXONaM4ePlBB1Akw6a7sjIkB3-Ywbkr
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSTUVHTEEtMVctNVg4WQ==&google_push=AYg5qPKftRU1rwPbo8yXNTqXwwMLO67iuJYUhT6gBaTpfkKmihC3pR0UpXmMMGnHWZfCLvXONaM4ePlBB1Akw6a7sjIkB3-Ywbkr
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame F662
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbx...
0
0
trk
ag.innovid.com/ Frame F662 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEAUyav0hX-3BNLN6CBTLY80&google_cver=1&google_push=AYg5qPKhkMTSAjRLvqswiuz28jxS--safuSBxczuitbcBU4w05ZTVGdEz5_RJelZhSsaVspmq6-l7bo-sNjRk7pCzlIvJoPD3HPp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8100:f976:bfd0:751d:6023 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame F662
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO-8hw7Io0cmYeSAOT4svPc&google_cver=1&google_push=AYg5qPLrLsTeC03PBT3ebJWx...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLrLsTeC03PBT3ebJWxISxqPpTsQ7M3Udfz84spDhugFkTAIyQaHv2d724UbA_pux_MwXekQ6G4AqzxGVYmRAZJ8OnF5MTpJg&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLrLsTeC03PBT3ebJWxISxqPpTsQ7M3Udfz84spDhugFkTAIyQaHv2d724UbA_pux_MwXekQ6G4AqzxGVYmRAZJ8OnF5MTpJg&google_hm=
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:47 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLrLsTeC03PBT3ebJWxISxqPpTsQ7M3Udfz84spDhugFkTAIyQaHv2d724UbA_pux_MwXekQ6G4AqzxGVYmRAZJ8OnF5MTpJg&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Mon, 08 Nov 2021 04:55:47 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F662 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LilcYSZjbf2v8JecX59Mz_EMFoEbDastrpGs9cT8-v1MA55D80t95oN0GowSZjNNM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame 0F92 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 20:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
31970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 20:02:57 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 5A53 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433746982,,&us_privacy=&cb=1636433747271&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:47&ranreq=0.21257712820783903&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433746982,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:47 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame 9020 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=f441025f&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.192.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-192-142.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:47 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 9020 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433747&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:47 GMT
content-length
0
content-type
text/html
vpaid_d700fabb.js
vpaid.springserve.com/production/ Frame DC31 		494 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_d700fabb.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7a00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01f62119d738e56887c7298650396be3edc28f9bd4b64af4c496048183172630

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 15:21:15 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 15:00:52 GMT
server
AmazonS3
age
912873
etag
W/"00394b9cabf75acc9a4061ae555e3473"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
moeYSd13oLuDiXxeKGceN9gne4i251_R7bDi1fzSIqE7X3nYgVBKFg==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame DC31 		962 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433746982,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4cb7722de1dbe3e35aa5fd3f5e32ec08eb624b946a9188bde0fdda969f24002c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:48 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
589
expires
Tue, 09 Nov 2021 04:55:48 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame DC31 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame DC31 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
963cab849b7c9ee9c161e4d6e74340069884f362d7cdacae5cdec3d4f6b8a122
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:48 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
530d9394-e057-4844-98f8-336709c6383f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame DC31 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
5068c5121ca30ccd6317e24406c8390b8bd008338fd30f93106e0abd46f1a944
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:48 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
00b23c5e-4ad0-46a5-8ff5-0f6c293c9128
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t
t.lkqd.net/ Frame 7D9C 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:48 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:48 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame D3C4 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433746982,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:48 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame CB0F 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433746982,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87033
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:48 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame D3C4 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433746982,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:48 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87033
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4A4D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunhkM5s_AuCIBDtkBzyoErmVFIltlUUXMKXS1y4SsiSyeUA1H3gCZ18LsGIihqMgDVueToSyDwhcK-EL6nviA8-5hTqdLPrNZbNnh_d6tmxAqm-coqJM9hZ4d6bWcfOfvrl55GDOer6YDg&sai=AMfl-YTjKR6LeTHLRY5_e9ruYUYH_d97xk3Bd21Pqc6ndQ-C6RUhen638u2KLPjWviRqoNCEhnMmeMT3g9gNORxu8Xf0ip60x_TnmSkXYFINjLep0iPFV7_9PsZcbBA&sig=Cg0ArKJSzCwzMgsvC_eREAE&cid=CAASF-Roa5CIMZfNo4bT6gP5M3pSQISEu5h9&id=lidar2&mcvt=1070&p=0,0,124,1005&mtos=1070,1070,1070,1070,1070&tos=1070,0,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636433745683&rpt=1649&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame D3C4 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433746982,,&us_privacy=&cb=1636433748057&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:48&ranreq=0.25564730088575516&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433746982,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:48 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame DC31 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=7e729114&ps_id=356921&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.192.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-192-142.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:48 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame DC31 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433748&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:48 GMT
content-length
0
content-type
text/html
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 080D 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C864018690098919857110650245%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:48 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame F871 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C864018690098919857110650245%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87033
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:48 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 080D 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C864018690098919857110650245%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:48 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87033
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
t
t.lkqd.net/ Frame 7D9C 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:48 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:48 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 080D 		27 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C864018690098919857110650245%2C%2C&us_privacy=&cb=1636433748788&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:49&ranreq=0.11114419959039368&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C864018690098919857110650245%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:49 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 37D2 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2051206655864018690098919857%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:49 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
track
aktrack.pubmatic.com/ Frame 080D 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433749&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:49 GMT
content-length
0
content-type
text/html
integrator.js
adservice.google.de/adsid/ Frame C2B1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C2B1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4A2D 		74 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08406d1c32022b50005b99660d841d8a5b5cdc835de1e91cc05524ae7c362158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 09 Nov 2021 04:55:50 GMT
server
cafe
content-length
28628
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
t
t.lkqd.net/ Frame 7D9C 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:49 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:49 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6F75 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2051206655864018690098919857%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87032
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:49 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 37D2 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2051206655864018690098919857%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:49 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87032
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
integrator.js
adservice.google.de/adsid/ Frame 40B1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com&bust=31063681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 40B1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com&bust=31063681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame ECCE 		18 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com&bust=31063681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5bbeaa469787c9f0bd267485542f77b2177afd4167475b96c18c71c9aff59f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 09 Nov 2021 04:55:50 GMT
server
cafe
content-length
10309
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 6C8C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6C8C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8A2D 		73 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa1f30dfc95db43d4b547a851004ce7f16dfe22290c1f0aab7b40bc4be0a1e67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 09 Nov 2021 04:55:50 GMT
server
cafe
content-length
28389
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 37D2 		27 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2051206655864018690098919857%2C%2C&us_privacy=&cb=1636433749424&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:49&ranreq=0.5923444610919302&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2051206655864018690098919857%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:49 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame C078 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C864018690098919857152153064%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:50 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
track
aktrack.pubmatic.com/ Frame 37D2 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433750&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:50 GMT
content-length
0
content-type
text/html
t
t.lkqd.net/ Frame 7D9C 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:50 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:50 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2E88 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C864018690098919857152153064%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87031
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:50 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame C078 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C864018690098919857152153064%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:50 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87031
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
14543548777636036037
tpc.googlesyndication.com/simgad/ Frame 4A2D 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14543548777636036037?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql87DzWiMLdnaFme0HVvxK6tF5NwA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48605412d3fb49e8c7e9b30905facc795c8ac91ae8911025d20c407a8ab1c4a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 00:06:56 GMT
x-content-type-options
nosniff
age
362934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27591
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 16:38:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Nov 2022 00:06:56 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4A2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CN6EJVf-JYfCjGrKe7_UPl-sYntGfqmbr96z-yg7yntyg1AEQASC-_7EKYJXikIKgB6ABv7XGvALIAQKpAulCMQ-AvrY-qAMByAPJBKoE8wFP0MzD7O4Fn40VXtV_krI1p5xrUQLKLI7J609yIo8MqYfiLzchiAaBINIwiPMf3JpqDXbk7hvaoqkzwRMS4Js6SjAHwvaXgAeXDnXmFh4vSURwlR6UnPtUBW1EsM8IexcHz5rLDCi_Zhfxn2yHtXo4qlmJ64pFHxoU_6JGiL4LNBEd5Z3Of_hGfmvWBfUYW6exR47nqX70qIfqJRVvWsc1vUdYpUEsXU62SagM07YZ3AvBWUhgCWPSL_ZBquytGcW1TsrTKd022QUH5s25_173QF6hhaiJNvORAVRTx8oBOCAMabucm0Ufy1DBcmd7lQh3skDABNbjgtnUA5IFBAgEGAGSBQQIBRgEoAYCgAepyrnDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENnTDNIICQiA4YAQEAEYX4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02MjcyODc0NTEzMzIyNDg3GAA&sigh=2BRBcCtyNXI&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 09 Nov 2021 04:55:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 4A2D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:51:27 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 4A2D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:45:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4A2D 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 4A2D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:35:24 GMT
l
www.google.com/ads/measurement/ Frame 4A2D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1KZ_jO6fvWOa7HQ0ODWxPMH7Sfbq9dNCCgbEMYgNU3W0dE73cCWF0nNoO-zKWpFVnNEkaPIHa1MrRmzHmrygO5NODsw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
AdServerServlet
vid.pubmatic.com/AdServer/ Frame C078 		27 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C864018690098919857152153064%2C%2C&us_privacy=&cb=1636433750044&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:50&ranreq=0.9231635690922058&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C864018690098919857152153064%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:50 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:50 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
t
t.lkqd.net/ Frame 7D9C 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:50 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
track
aktrack.pubmatic.com/ Frame C078 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433751&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:50 GMT
content-length
0
content-type
text/html
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 4A2D 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 07:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11538
x-xss-protection
0
server
cafe
etag
16299297374704173702
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 07:17:49 GMT
1x1.trans.gif
www.nyasatimes.com/wp-content/plugins/lazy-load/images/ 		42 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyasatimes.com/wp-content/plugins/lazy-load/images/1x1.trans.gif
Requested by
Host: 3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com
URL: https://3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34205
cf-polished
status=not_needed
content-length
42
last-modified
Thu, 13 Apr 2017 10:28:12 GMT
server
cloudflare
etag
"58ef52bc-2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=582Z2gZLAA%2BLsP%2BMptvvkyvRH8cEwme9LWxnJ%2FK%2FVxmuvVovkx467Lc7P5T2CYVVr6lbZ5hH0oQS9HVZgN7HaeMH9296OF1iK66nctn9HFLEfGHUtOPqILAGSEEEWG1Jr9F3BqPXnMSeiIj8UHn%2FAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ab4737f3da305e9-FRA
cf-bgj
imgq:85,h2pri
ad
v.lkqd.net/ Frame 239D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=43113407&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
4cb35cbd51b850ff4f6466dc26a3a2d8b5c32638e0e41beeb66ef407edf47fd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1355
vpaid.js
ad.lkqd.net/vpaid/ Frame B6EF 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1636433751.cds125.am5.hn,1636433751.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame 3A92 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1636433751.cds125.am5.hn,1636433751.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame B6EF 		90 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=43113407&m=&rtv=1&thost=www.nyasatimes.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d952b355779a8499cb0c700081b3ab5edd35c988c2ce9f77c6e1e0efb829cc97

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5916
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=43113407&m=&rtv=1&thost=www.nyasatimes.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:51 GMT
content-length
0
access-control-allow-origin
https://www.nyasatimes.com
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
cs
cs.lkqd.net/ Frame 3A92 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 3A92 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 3A92 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 3A92 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 3A92
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
pragma
no-cache
date
Tue, 09 Nov 2021 04:55:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8873 		1 KB
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 08 Nov 2021 18:26:41 GMT
expires
Tue, 09 Nov 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
37750
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
14543548777636036037
tpc.googlesyndication.com/simgad/ Frame 8A2D 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14543548777636036037?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql87DzWiMLdnaFme0HVvxK6tF5NwA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48605412d3fb49e8c7e9b30905facc795c8ac91ae8911025d20c407a8ab1c4a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 00:06:56 GMT
x-content-type-options
nosniff
age
362935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27591
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 16:38:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Nov 2022 00:06:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 8A2D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7933
x-xss-protection
0
server
cafe
etag
7671872550847203596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:51:27 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 8A2D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:45:43 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8A2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CqxH0Vf-JYfS3MZjlgAfJ37-QDZ7Rn6pm6_es_soO8p7coNQBEAEgvv-xCmCV4pCCoAegAb-1xrwCyAECqQJ09bqiQ8G2PqgDAcgDyYSAAqoE8wFP0PpbgsdPdQCLl4_fnvyJpweAaUDTIXvjD8-226UTlYfmUTq76P0H-lCYrnhphFkNgS_QP0vT88LJsMz3oB5S_C6neiosZqTB-idip8vvWX7C28AJna_kLIK58Tv3GGHO4rIyEmE5WNHoYAaORasW7akf8YjLDvsy6q3MfMSwLat0A3Wk09ZUgjELFJqzhrYn23zu6wGaHUcL99544VaukPHwdF3TJ1fzPG1P98qAaspV4TUNpITjEms8BLxmSk_PTl-ognxzJD456rVvKyYrq9GYFonHs4wxX8j2yPqbuA30oNUxUzz7HNlwuAMeoJ8LK-_ABNbjgtnUA5IFBAgEGAGSBQQIBRgEoAYCgAepyrnDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEOjpC9IICQiA4YAQEAEYX4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02MjcyODc0NTEzMzIyNDg3GAA&sigh=J-QVGmVRjA0&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 09 Nov 2021 04:55:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame ECCE 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtuiekmwvUv0i0x46jqGniwxOVW5H501QaDFm4MTz5tM6El3Mydg1EysZ6vedibdrAg1OFUnUc0Bu-oQr1nNQ_vu6Wt4ih-c1DBzJretW8JDJ013A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame ECCE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:45:43 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 91FE 		499 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUMjdQC5fEbr0_NwAZZK3sPdZ7zhFx8FGrbImwzv9MZujNks2wZ8YUYcUDhBgQ8qPYdlvBomz8TLoPSxa70YrNQgyd6PPoz5zQo-tc7My9Xrh42b2ukbVErbgwrnmgc32-uHPT2Py8keRt57cuL9WAr_0SmIHaKNWnh98kGmjGwJs47IOE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 09 Nov 2021 04:55:51 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame ECCE 		26 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzMwbgbkb4VQfjNb0CC9M6oMP3SpeG8d8a1HxAhD_U3pXazSKNkwMIL-YkuvApN2fQ4udsro2aC1sSb-ns2UbmNnCFrZqbJetu4kx1If8GXbFAiLmuEvcYqzIVGZSketSXRqxfkoYiEDzX_55ZN6i0YyHyRg&cry=1&dbm_d=AKAmf-BBypONiEZC2E_tiPPLpXXva1Vg-nZLuRqyUqcxCkUzqnIj1DfXVPylYaldUP6kiuXcrDyMK6uuflPFPIsr7boHEKfzvAfqFueZWRqamUj7LaAYTnTsMDXWAHBaEVX6lmflLo47IGdT6zX43X8iMyKg3dxMy8_ZT0PSKptt-5y44nMMN7GVm7msfhu9MwBcMJm7RnKU7rKIb6omq8maZfpMjFBGkYoDKbIcK6-CEP9vdsrsuEfAIzfooolZEc0bF2TEPOaTchF2fxkmLKr0QG4fmFGTm3QL4ZGWvlamoB4vLyX22vY6mz509gGYw75QOFHrWbP-sTLpypiOTHWVlpZJuokf-GBqnmaqyGXT4zGvawOjuClcw9n36EjrS_K5LVc1eJ09TLBN71Br5MSw8LOTkfC6dONpfYaMm0d4sE7ew6K6Wk1bHhX0sHqPW11bqzh5nvZvVcg9OOxKJWXye2n0D16_9T2t6aueZbUTA_ztt4hb_Rv00WoZeh62JO4YFrvPeWEuSH5wAzOsZuUBbDxTWhB1jstfQmURehQVmuW2H8kcHZtDdFsuy3NV-8KoPuM0GEBQ8aiZ5mXXtKd0Q7dvYBJ3DVYtxWmTFkszqp8DIf1l_xViRwqz5nYlHQkTjUtqPHzeywZwBHzOiM04Ox3VSluhlNdGJjHH44vVbUh190wXoPKlcc16_ZxHF7fZJwJz_1ODhN1pNDrqr4XKP-VX0wtLCmc2FT1dp8bmh4T-ZwUmAWdPwHJVwFZonGZVhZM1gBAyTZC36ubpFvyL_lsfWqLVVm1--5uc32vsYhy-xUSEPJTq4YP6C6L9CeGAsmB1VrjXkXrcpqf1RO0J7EOSOSsr7MOi-gEwEMf4tAc7ArX5NSgDnDHq0niuiUUtTSf8ErrFGB9nCyY5Ua0abUmEBTxjCkrnlweJtdOrYfHbQ4eSyfUFSS7l-6u7oQSY96SvFInG0-3hVZqfiXlPCoOfa4hpXIwemjZzfUBDwpfW6Mv0sFJjujxNA6UITUL4-ZyktvDfrfdPR4D4HIh9hwECO_ng1fxu1cf9c_aU-AhiZ5kowcDJLzo0NHDvFBpJ3QqEvGdFlPbxfOJ2mQcNevjxqCOLLRy2ES82VtOA3wcQrhirU8O_agRkBRcv04sICW7mCN6kSXGe5NjNipC6CYe0Hoiy_c9L_ZpSmvBd032WVa7XfVDYnfaBIyJaTjyIV9adyh2-9zZaEc1TxADq6k6hTTaBa50IS6v9s6QCW4Q1SYJuN0KO0j4kISaNRPx8StLr9dAEbPB7DPs06SgwO7-8wr1opSH7jCJO3mM8pFt4mk4-LS-gJ9o6YxScLeP9otFvf4zftTC6JKJGO985JXnIlxW94WatoSUyjRqh5TRj3n_TLHmqlFbwLZ89zjkYqEm42gj6xc8gNRr545lKuDQz8gnc8uARhOo1j4J6GuMZknUblJmbkFdjtBxqevwUUqIEoA6kTxA4RMeHuIgyUy1AtUyjk069zF3NDjDYDULrlPyg4FD5qo0BOU1MURXONaso5k4zq5zV87bnwymUstV9nC9TQdFnOnDGkFTnf7PCvCpfeIWJW7Fc6exInXN8OMoBbV00HLAp53ZOMH7sjlLp6Cn5nKlGIZkHrOJ2L11Gly_HWe-Tc59Qjxj7jp5zVXJtsSQT_HDAh0w7ROwRKXzyaSbZAHhV--RFpk3sUxauXDO6r8VM6zy22wJmD7uh6sgLWhFRBkRjoanb_jscys0C2ocEDKhapQzIE664LFTl24CSF6J7f_x17BV9WqHsbvjF_o7BgXSDfKFX2jepHJ5YMv5po_zT4qzG-WP9anW44ynvb_Fide5YOZcdwt99WVujdKvbe2rJ_NjDQ4TqPKezLMTQtO5Ckj3Ds3msmFkekYV2GGL6E7rf5G2bcgU8PH37GF7O55luUlzNheBfJjIA9Rul2bR6n2FPL0AdYRPE_91kbW8_0iLfQmpdWh5embwGraRG0Du10az1Gp7haO6HBLpv0SUz5RhfAxGDf9QVIsLVoxWegh7_Jf3qZFdKg4z8afO8y0HgYyqhms1u-3pY1Ds5y-1YIJuYQqfJkJdMEXKS5_mCr-Ka3zxPWMdBvyVdurLH-yl2Nyr_m_wgCsqz5MFu24--XqwPGCTxj-o6sxDGWqJpdLJVHodeK2BejalXF3Ph_Xjmhl432TQlciGx10OZyAmPQ-e5XEFbz9zSfVFYZw4cdR8mfA-atk8StuGSfHsbMdKT8O4ruzWHxjzi3m_feHh5ogSwm9pSCwc3R5deFP-6ITeWk9JrAXDKD-y89uOf-MO-RNmIHhwcMeBtVt6J-l-pV2mmRaUXWL-XfYDkOA2XxFJ_R-6K5-nInM7g87vjU5AywZEqWl7OiNvoxT3HZbqLCROlh64CEe6yOzAQcJxXTyK-qBomGlYU3zh7QZ9heiMNju3-NtW6e6zA9yvk2pFhoTcYKubs2Nj0Xm6qVEdefm2xikSj1g-Moy9QJjnuqd0LUdZud2epZ-yk_nZ-IZO1sCCj5dWCqjohlbWyxLjfzpzkpwFBqfSlC8RQErcOBoBNSLF8dAG3M0Tzo_v6q5MlzN5j0jK4BT1WIk9qiZ32t8TVfA3Kj5k6cjcy8JH8IGeyppHyfLFwU-0mf6v6tKoD8co5V-SoAvZ17CGceTvVCg-lm3YrAQ4sKyopBVgnEnv4GIxssbQa9NFsAWsou8n3UU0acH0CpqeaahES_Hj4GEVKFh77yKPuzxE5qTh2Y5wU_iojfFqH1vQKa88aknMHbu_8DM8XMPOc5ARxlX9cJmO1P2XY23oirQMtMDoZNdfQoJo8W_1Tg8CpgDcuEkt0_YEKgDUsXgSr4jrAK89AFKVfmcuFCA0Li3Pv8oEDgzsXWEsLV7cfeU7j-EcyHW2Lrhy9KzScTb0DofBX_gR3jMlo3S5gJO_nRfvXzHP2v14b2pnqpX9G3_10F6ZFh3YuNH25R4lcZzb98bQZ3D3G8RnsSI9xf43di3jmGk1E3ndzxLJS-KBt6YM8CtAp6rvcBLgQPZBnE0rqLMPm86va-4C5__mHyvUuLFA5mYMftLHCzanddhlFUyhL-IteIv6vPRuqq6wfBZxpv5NnOYS5jhEDXoY5Aw0PGvjPjOnNIxR-5tlqpadM5FHKzlNMveEmJmaP3GJP3pGz5WYdCSNsdLIju0Gy__0A4my5HHGB&cid=CAASEuRois0OoXpCaV3er6mKxhxZBg&rfl=2%2Chttps%253A%252F%252Fwww.nyasatimes.com%242%2Chttps%253A%252F%252F40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f64601e60de6ab3c4515edee4ba981182966c386c2fa61b6c5c05b897212a4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13835
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ECCE 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:51 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame ECCE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:35:24 GMT
l
www.google.com/ads/measurement/ Frame ECCE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfK4jcEfet_asOWFF8njxbKVYiLzv7mfm-hvVl5AZ4vgTtY_WX4elfQsqrE699HNUfoX2q4tt3JJ7WPHSHk9E43Sb2cQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8A2D 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:55:51 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 8A2D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:35:24 GMT
l
www.google.com/ads/measurement/ Frame 8A2D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVwNZUL_QfYGZ4WAtz2e1fk2fgNonPBBN8qzF2BRfPe9wfeaxLBHIGE8N3EuGkzOPImFpDsmsGLDD3y7hqAS4435O8uw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 8A2D 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 07:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77882
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11538
x-xss-protection
0
server
cafe
etag
16299297374704173702
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 07:17:49 GMT
t
t.lkqd.net/ Frame F584 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:51 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:51 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
/
adx.adform.net/adx/ 		65 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.nyasatimes.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=445621320&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1009566977&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=630781655&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
/
adx.adform.net/adx/ 		65 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fwww.nyasatimes.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
vadtag.html
vpaid.pubmatic.com/ads/video/ 		992 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C49000376608330150591745889038%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a99f6b2462822621ce4a1f66108316ac9cb8f6fff3a6c9e1fefea2065d72fa7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Tue, 09 Nov 2021 04:55:51 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		991 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C7522160614900037660833015059%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4bc5807c442efc249fdd0a03b31bf38062101c18c15997167cdeccf276c0da84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Tue, 09 Nov 2021 04:55:51 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		992 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C49000376608330150591668537246%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
33b9cfaf63abe61231d2d8583a7e386351c573af15338dfc422c3065d38bc8b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Tue, 09 Nov 2021 04:55:51 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1294956249&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:51 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
t
t.lkqd.net/ Frame F584 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:51 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame B6EF 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_d700fabb.js
vpaid.springserve.com/production/ Frame 1165 		494 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_d700fabb.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7a00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01f62119d738e56887c7298650396be3edc28f9bd4b64af4c496048183172630

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 15:21:15 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 15:00:52 GMT
server
AmazonS3
age
912877
etag
W/"00394b9cabf75acc9a4061ae555e3473"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Mbz5xc-ZpcU8slwwd3OZRFq2-iksYtZbueBhytrD2xuWya97XU-ryw==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 1165 		962 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433751469,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
486f645df3c6d9049478f9fdbf363f21e63e2bb9b43669ea63c019fe4d75b4c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
589
expires
Tue, 09 Nov 2021 04:55:51 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 1165 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 1165 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
fa20f0c13e954d34f92457488a06ff69c4c118d4bb330ef1e20d0192beaab443
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:51 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
43deecbb-1734-485e-87bf-7062fbbc3bb9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 1165 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e0fe644f6147b02ef6d63d75e9e89764bc09fb65b8c37293605cdfdcb7286edf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:51 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1e34aed9-3764-4947-8544-ebde199edc7e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 4A2D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bda5faeee736e63949f23b0111cc7b93ee6323933619a6ad677c489d79151df5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
t
t.lkqd.net/ Frame F584 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:51 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:51 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 9FB5 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433751469,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
partner
sync.search.spotxchange.com/ Frame 91FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENTXF4PlFyxw1FG880LdqX8&google_cver=1
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENTXF4PlFyxw1FG880LdqX8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUMjdQC5fEbr0_NwAZZK3sPdZ7zhFx8FGrbImwzv9MZujNks2wZ8YUYcUDhBgQ8qPYdlvBomz8TLoPSxa70YrNQgyd6PPoz5zQo-tc7My9Xrh42b2ukbVErbgwrnmgc32-uHPT2Py8keRt57cuL9WAr_0SmIHaKNWnh98kGmjGwJs47IOE
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:51 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
32
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENTXF4PlFyxw1FG880LdqX8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 91FE
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDc0YzYyN2EtNDExOS0xMWVjLWI0OTYtMTNiODBkODYwMDA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDc0YzYyN2EtNDExOS0xMWVjLWI0OTYtMTNiODBkODYwMDA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUMjdQC5fEbr0_NwAZZK3sPdZ7zhFx8FGrbImwzv9MZujNks2wZ8YUYcUDhBgQ8qPYdlvBomz8TLoPSxa70YrNQgyd6PPoz5zQo-tc7My9Xrh42b2ukbVErbgwrnmgc32-uHPT2Py8keRt57cuL9WAr_0SmIHaKNWnh98kGmjGwJs47IOE
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 09 Nov 2021 04:55:51 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDc0YzYyN2EtNDExOS0xMWVjLWI0OTYtMTNiODBkODYwMDA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
132
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 91FE 		0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNUMjdQC5fEbr0_NwAZZK3sPdZ7zhFx8FGrbImwzv9MZujNks2wZ8YUYcUDhBgQ8qPYdlvBomz8TLoPSxa70YrNQgyd6PPoz5zQo-tc7My9Xrh42b2ukbVErbgwrnmgc32-uHPT2Py8keRt57cuL9WAr_0SmIHaKNWnh98kGmjGwJs47IOE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
showad.js
ads.pubmatic.com/AdServer/js/ Frame 331A 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433751469,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87030
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:51 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9FB5 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433751469,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87030
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
pixel
cm.g.doubleclick.net/ Frame 8873
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLUERD8qMHjs9zDaU70QUmKvNBYNf4HGhKo16b...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVluLVNnQURMTXJqbUFBeg&google_push=AYg5qPLUERD8qMHjs9zDaU70QUmKvNBYNf4HGhKo16b4G2xp6b6fKLxuDiBqZiZmet-kWnW8jZ_iy9eVfCc23jIjdP6X2uBbuIU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVluLVNnQURMTXJqbUFBeg&google_push=AYg5qPLUERD8qMHjs9zDaU70QUmKvNBYNf4HGhKo16b4G2xp6b6fKLxuDiBqZiZmet-kWnW8jZ_iy9eVfCc23jIjdP6X2uBbuIU
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVluLVNnQURMTXJqbUFBeg&google_push=AYg5qPLUERD8qMHjs9zDaU70QUmKvNBYNf4HGhKo16b4G2xp6b6fKLxuDiBqZiZmet-kWnW8jZ_iy9eVfCc23jIjdP6X2uBbuIU
Date
Tue, 09 Nov 2021 04:55:52 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 8873
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJXT7Bp...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJXT7Bp...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDkwNDU1NTIwMDAxODQ0MjYxNjkyMQ%3D%3D&google_push=AYg5qPJXT7BpFp9dzAfLbm6ZoXUyi-j612SfZ7aRdO-XFhyoVV058YhFh8rN4tGOehQVVL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDkwNDU1NTIwMDAxODQ0MjYxNjkyMQ%3D%3D&google_push=AYg5qPJXT7BpFp9dzAfLbm6ZoXUyi-j612SfZ7aRdO-XFhyoVV058YhFh8rN4tGOehQVVLDRFSFEcq3mql21OD_u3l-T3wumSA
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDkwNDU1NTIwMDAxODQ0MjYxNjkyMQ%3D%3D&google_push=AYg5qPJXT7BpFp9dzAfLbm6ZoXUyi-j612SfZ7aRdO-XFhyoVV058YhFh8rN4tGOehQVVLDRFSFEcq3mql21OD_u3l-T3wumSA
pragma
no-cache
date
Tue, 09 Nov 2021 04:55:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Tue, 09 Nov 2021 04:55:52 GMT
sync
odr.mookie1.com/t/v2/ Frame 8873 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBRl7ucdSi0kcexVhxuUzj8&google_push=AYg5qPLdNi8f4KnqJW5hAZNPSFx-BSxLn6u4d5dKE-iH4JUeMuT_dMoQ9ndS1HkZ-hy2ePPov10kXeVZgGZDxSiycd2CD75TpaQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:51 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8873
Redirect Chain
  • https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEN2v0BCUBvuZRM46eS73ot0&google_cver=1&google_push=AYg5qPJSQsOQ0FPtOt2HS0l4blSooECFPCHMPtNX2NUInGXXIKr41NsIUmoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJlwi3G6gXXEvKSIbluWBsg&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJlwi3G6gXXEvKSIbluWBsg&google_cver=1
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:52 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJlwi3G6gXXEvKSIbluWBsg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8873
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qv20G-isSp-kIiJBC84r0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qv20G-isSp-kIiJBC84r0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPImXSwOywoIKxz7big3t2EAJ7magxx20Fimk59zVifVgHr_vD4GY3CkIgi99GGxVOlfTsccZJa5XtfQ-iVhNRrmQJDGUUc
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qv20G-isSp-kIiJBC84r0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPImXSwOywoIKxz7big3t2EAJ7magxx20Fimk59zVifVgHr_vD4GY3CkIgi99GGxVOlfTsccZJa5XtfQ-iVhNRrmQJDGUUc
date
Tue, 09 Nov 2021 04:55:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
cma
dsum-sec.casalemedia.com/ Frame 8873 		43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/cma?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_10}&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_cver=1&google_push=AYg5qPLk5FZIRfa9AueoI71z5wfkoSsccMQwk1HwI6rWOOCwm_BgGwMsdgdqmeDhiNUlfI0kBPrJXi0UC9XU4wNP8o4LXXt3mQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 09 Nov 2021 04:55:51 GMT
pixel
cm.g.doubleclick.net/ Frame 8873
Redirect Chain
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEAUyav0hX-3BNLN6CBTLY80&google_cver=1&google_push=AYg5qPKsBtPo2d_389WSgg_h0RFHbNaPnxMVgB7EY5nTlF5i66cfjQiTrfAb4PpX0p8fbGse9YPgtK8MEB3XD1v-j8G0z9a...
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKsBtPo2d_389WSgg_h0RFHbNaPnxMVgB7EY5nTlF5i66cfjQiTrfAb4PpX0p8fbGse9YPgtK8MEB3XD1v-j8G0z9amrk0&google_hm=5cFof4AmT--uQKcEA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKsBtPo2d_389WSgg_h0RFHbNaPnxMVgB7EY5nTlF5i66cfjQiTrfAb4PpX0p8fbGse9YPgtK8MEB3XD1v-j8G0z9amrk0&google_hm=5cFof4AmT--uQKcEAuLObQ
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKsBtPo2d_389WSgg_h0RFHbNaPnxMVgB7EY5nTlF5i66cfjQiTrfAb4PpX0p8fbGse9YPgtK8MEB3XD1v-j8G0z9amrk0&google_hm=5cFof4AmT--uQKcEAuLObQ
pragma
no-cache
date
Tue, 09 Nov 2021 04:55:51 GMT
cache-control
no-cache
content-length
0
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 8873 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJ1EmmxEQqjoVMjk4S-6Mz80MhgExkhhATZ6zd79F02ejyuEg7ua36KXjK7HUKbGqQLH9S
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame C2B1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkSUR3M-djdUEYfai0gP3NnZ4xpxzZypynQdCoD2q2WJ8z8npUiCZ15zVMoZA6QqDRUKJlgQ7rkkCgRESRMx40qEQcjaJh7v021LyViZ_qjonIVoGk8N44Rce7Kn-oUcbNPYXPdmeOFPWphqzqeqs9_V-ACmL__rhoaxbra3-549gKN09VEkt5iyMw9XhP1ebO4SqIj8CZIwmmi4M3Lk4pdJrJo_7cu6DIiDWHcBoTsAOundkTk_t8XwMMNZ3FIl7JpWRKhtloPKCGFO3bzQXvhUTc8PWeYcCKrV8rZAnyxSl8Z78f2uYKe8-_5i4V6cqW4tJHkhjhfokgAyiv3A&sai=AMfl-YSV9q0563-zAakEroecr9dQM9aRJoZd-Zvpj569u9zbGxYR-3CXFZfZ8C46znK3zVQ0gdhFe6OhPFw02SLIxWgV8XQF87EqoBXjuFQbX1c-h38eGYsQVhM3XbSx0uc&sig=Cg0ArKJSzDJonDK-1_fBEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C2B1 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211103&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65a99de98c3b21af6d7f91b28b9f72d8a6f002bd894e4ac44b8017a10e6e4d93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9249
x-xss-protection
0
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame 458A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186312&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433742983&bpp=4&bdt=5644&idt=6412&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=2528790567943&frm=24&ife=3&pv=2&ga_vid=628199854.1636433749&ga_sid=1636433749&ga_hid=1992209139&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=31060032%2C44748552&oid=2&pvsid=1329697686204708&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.h3zi3xrz7pfb&fsb=1&dtd=6423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 20:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
31974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 20:02:57 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 9FB5 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433751469,,&us_privacy=&cb=1636433751733&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:52&ranreq=0.8276167266595518&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433751469,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:52 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame 1165 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=8ace1c69&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.192.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-192-142.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:52 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 1165 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433751&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:52 GMT
content-length
0
content-type
text/html
vpaid_d700fabb.js
vpaid.springserve.com/production/ Frame 3AD1 		494 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_d700fabb.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7a00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01f62119d738e56887c7298650396be3edc28f9bd4b64af4c496048183172630

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 15:21:15 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 15:00:52 GMT
server
AmazonS3
age
912878
etag
W/"00394b9cabf75acc9a4061ae555e3473"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
YfwnTFDicJOB1j9z64iUtI7Y4jXV7_k-RMQ4sRjE1o0j3olWncIDIw==
t
t.lkqd.net/ Frame F584 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:52 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:52 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 3AD1 		962 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433751473,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ada75a176eacbb4f522b140e678f32b609036bedb8aa53f492ac888a2a96f565

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:52 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
590
expires
Tue, 09 Nov 2021 04:55:52 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 3AD1 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 3AD1 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
73cb5c19a798c855997b0a6e9f336eee9ed6436b4cb180c1f8db839079f5c815
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:52 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fef5de59-85be-49e2-bca0-5e37a84bf53e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 3AD1 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
35643c3796f1608e5a24b85cba988d72ce4c74e9fa64db6b90bec3353f1cfd69
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:52 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bd561558-a8fe-4165-9a0b-85542d5710a8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame F278 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433751473,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:52 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2B5F 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433751473,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87029
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:52 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame F278 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433751473,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:52 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87029
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
redir.html
p4-fuszz6cmgm5pa-whplufyift7qeelh-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame FE68 		247 B
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-fuszz6cmgm5pa-whplufyift7qeelh-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
daf501ed0c9d8b2dd239692524ddd1e30e1158df99dc06202dd0adf6efc5ae20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-mov3jO5dJASzGIgo8GVMRw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
205
date
Tue, 09 Nov 2021 04:55:52 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8E07 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 08 Nov 2021 18:26:41 GMT
expires
Tue, 09 Nov 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
37751
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame 8E07
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIPNIbemAFgXdksIQId-vD1Xo1K25jXfAXU6uS...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVluLVNnQURMTXJqbUFBeg&google_push=AYg5qPIPNIbemAFgXdksIQId-vD1Xo1K25jXfAXU6uS1OH8Y4NbakFbRLJNhFaSftOcQ2NwUVDhx22XBs029tCfATdEkoPvC6H...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVluLVNnQURMTXJqbUFBeg&google_push=AYg5qPIPNIbemAFgXdksIQId-vD1Xo1K25jXfAXU6uS1OH8Y4NbakFbRLJNhFaSftOcQ2NwUVDhx22XBs029tCfATdEkoPvC6H6wxg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVluLVNnQURMTXJqbUFBeg&google_push=AYg5qPIPNIbemAFgXdksIQId-vD1Xo1K25jXfAXU6uS1OH8Y4NbakFbRLJNhFaSftOcQ2NwUVDhx22XBs029tCfATdEkoPvC6H6wxg
Date
Tue, 09 Nov 2021 04:55:52 GMT
Server
Apache
Connection
keep-alive
Content-Length
393
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 8E07
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEBDT4sM0-rlC61pEL_n8zk0&google_cver=1&google_push=AYg5qPLsTRilRxZfiLnOVZpeysLmUblAkM9XQLnKNqE5_2C7UfwAFewF3NZPvVLSug8JHZ14gNU-Z8s0DLpFA9zZnQ9MLMBObs4xbg
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLsTRilRxZfiLnOVZpeysLmUblAkM9XQLnKNqE5_2C7UfwAFewF3NZPvVLSug8JHZ14gNU-Z8s0DLpFA9zZnQ9MLMBObs4xbg&google_hm=Q0FFU0VCRFQ0c00wLXJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLsTRilRxZfiLnOVZpeysLmUblAkM9XQLnKNqE5_2C7UfwAFewF3NZPvVLSug8JHZ14gNU-Z8s0DLpFA9zZnQ9MLMBObs4xbg&google_hm=Q0FFU0VCRFQ0c00wLXJsQzYxcEVMX244emsw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:52 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLsTRilRxZfiLnOVZpeysLmUblAkM9XQLnKNqE5_2C7UfwAFewF3NZPvVLSug8JHZ14gNU-Z8s0DLpFA9zZnQ9MLMBObs4xbg&google_hm=Q0FFU0VCRFQ0c00wLXJsQzYxcEVMX244emsw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 8E07 		42 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLCIMUOxa2AS8pKN9YWTkGkzArpxg-ziIb5o6J6eDuMvVNhDWnXTmF96_0F0QBzDDFGGqzxMdkX4tG2XTvKHnal7r0LQyOFYw&google_gid=CAESEAC8382M2fNFENlKYHnQQc4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:52 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
pixel
cm.g.doubleclick.net/ Frame 8E07
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLd0LP7...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDkwNDU1NTIwMDAxODQ0MjYxNjkyMQ%3D%3D&google_push=AYg5qPLd0LP7h5LiAKTfERqFTXpH3bnFjUdXIMSVjBM3FBrmIM5BY4t1MF2lgeEBR24WTi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDkwNDU1NTIwMDAxODQ0MjYxNjkyMQ%3D%3D&google_push=AYg5qPLd0LP7h5LiAKTfERqFTXpH3bnFjUdXIMSVjBM3FBrmIM5BY4t1MF2lgeEBR24WTiFor06UWHC0ch_wB4owwiyYJLFlaJt6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDkwNDU1NTIwMDAxODQ0MjYxNjkyMQ%3D%3D&google_push=AYg5qPLd0LP7h5LiAKTfERqFTXpH3bnFjUdXIMSVjBM3FBrmIM5BY4t1MF2lgeEBR24WTiFor06UWHC0ch_wB4owwiyYJLFlaJt6
pragma
no-cache
date
Tue, 09 Nov 2021 04:55:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Tue, 09 Nov 2021 04:55:52 GMT
sync
odr.mookie1.com/t/v2/ Frame 8E07 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBRl7ucdSi0kcexVhxuUzj8&google_push=AYg5qPLUNkRIj4G778b7LJd_C3ODCFPpg_5I8jelrZNs57_b8i8JVjb7Vp-0af7he3fTBSsknQFfBl9yOTBCHrIz5m2s6Bh5MfLP&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:52 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8E07
Redirect Chain
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEAUyav0hX-3BNLN6CBTLY80&google_cver=1&google_push=AYg5qPJsB3rYUdXyeafqglMBL-AAn1vEuSYCEV24drw-ahuiYbIuxMuZozvqau8nGTn2pG1bYdBuxZM_i-B-cboTXoYMDTd...
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJsB3rYUdXyeafqglMBL-AAn1vEuSYCEV24drw-ahuiYbIuxMuZozvqau8nGTn2pG1bYdBuxZM_i-B-cboTXoYMDTdwbi1iaA&google_hm=5cFof4AmT--uQK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJsB3rYUdXyeafqglMBL-AAn1vEuSYCEV24drw-ahuiYbIuxMuZozvqau8nGTn2pG1bYdBuxZM_i-B-cboTXoYMDTdwbi1iaA&google_hm=5cFof4AmT--uQKcEAuLObQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJsB3rYUdXyeafqglMBL-AAn1vEuSYCEV24drw-ahuiYbIuxMuZozvqau8nGTn2pG1bYdBuxZM_i-B-cboTXoYMDTdwbi1iaA&google_hm=5cFof4AmT--uQKcEAuLObQ
pragma
no-cache
date
Tue, 09 Nov 2021 04:55:52 GMT
cache-control
no-cache
content-length
0
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 8E07 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JiY9Kwo9lmSGh0GI3kV2HPU_UWg5_VfrAIowDIHWHgK6axSah20rNL_Iv1DvyImg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
iframe.html
p4-fuszz6cmgm5pa-whplufyift7qeelh-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame FE68 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-fuszz6cmgm5pa-whplufyift7qeelh-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-fuszz6cmgm5pa-whplufyift7qeelh-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-fuszz6cmgm5pa-whplufyift7qeelh-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
66f418a10ab0a13e15f4f1cab0fdcef351b489557938d218b7ae258a5b8f54ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://p4-fuszz6cmgm5pa-whplufyift7qeelh-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-V3b0dEUlLjmWFQq65ErJ7A' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
1862
date
Tue, 09 Nov 2021 04:55:52 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 8A2D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a49bb4e090ec41a6c49f8a62f97d9793bbeb179536e61a01c9a33b3132d159dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6C8C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhlOgpb7pd16a9l6ZH6_vf5MD9Iu7A8mZ93R4HQ-6GVt3OvsexbOJfkSmFsCMDCGPwpYUjrRuWQgMejyJnwNVNcfAbObDab1aq5g3w2uOVIwlUBpB-nWDUm58uGfBjzhdCtqr3XXoN3zzIk11yR6afmj2YSlt2L7_5RsQtlP5knUf8Fo3UMG4IyqYjgCaRXo91Ydj1Lc-sAVt6jx05uaExxBwDW-tUfylAOnl65c2yeoxugm9x8MbCDYNcOJzp-lN1llNyjy6PS1rPMu62ZkYExcLJhNLT4e4sqFYvNxiJqS6_XobzkXBgKiIe9XzG9JNDBwXePAY5_zTVKt5TFQ&sai=AMfl-YTHaVhXfJ3qF-prfu0ArdCIrFglbPeie9fmyBa81t4lH9YlsuOCMCkvJpYbGEWhPq8QvZHi7HX5N988L-sKuNbS5aRbHLeHTxjcsiS3YybcLTGM5AEngKcKinEbm4s&sig=Cg0ArKJSzK1bprsMpyJUEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:53 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6C8C 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211103&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f737634f15fe825ba0861a18a364196da85273b6de65b120e2a877d3fe86b7c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9366
x-xss-protection
0
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame 3DC5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=250&slotname=6384578477&adk=1846531979&adf=776186319&pi=t.ma~as.6384578477&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743833&bpp=1&bdt=6485&idt=5947&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=5893607863727&frm=24&ife=3&pv=2&ga_vid=41738721.1636433750&ga_sid=1636433750&ga_hid=1346727697&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4290881538&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C44754331%2C31062945%2C31063355%2C31063361&oid=2&pvsid=3587062973168272&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rvv642hkv21k&fsb=1&dtd=5952
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 20:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
31976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 20:02:57 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame F278 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433751473,,&us_privacy=&cb=1636433752569&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:53&ranreq=0.5126964610650828&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0,1!vidoomy.com,62144,1,1636433751473,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:53 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame 3AD1 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=7f7ef30f&ps_id=356921&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.192.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-192-142.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:53 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 3AD1 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433752&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:53 GMT
content-length
0
content-type
text/html
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame ECCE 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzMwbgbkb4VQfjNb0CC9M6oMP3SpeG8d8a1HxAhD_U3pXazSKNkwMIL-YkuvApN2fQ4udsro2aC1sSb-ns2UbmNnCFrZqbJetu4kx1If8GXbFAiLmuEvcYqzIVGZSketSXRqxfkoYiEDzX_55ZN6i0YyHyRg&cry=1&dbm_d=AKAmf-BBypONiEZC2E_tiPPLpXXva1Vg-nZLuRqyUqcxCkUzqnIj1DfXVPylYaldUP6kiuXcrDyMK6uuflPFPIsr7boHEKfzvAfqFueZWRqamUj7LaAYTnTsMDXWAHBaEVX6lmflLo47IGdT6zX43X8iMyKg3dxMy8_ZT0PSKptt-5y44nMMN7GVm7msfhu9MwBcMJm7RnKU7rKIb6omq8maZfpMjFBGkYoDKbIcK6-CEP9vdsrsuEfAIzfooolZEc0bF2TEPOaTchF2fxkmLKr0QG4fmFGTm3QL4ZGWvlamoB4vLyX22vY6mz509gGYw75QOFHrWbP-sTLpypiOTHWVlpZJuokf-GBqnmaqyGXT4zGvawOjuClcw9n36EjrS_K5LVc1eJ09TLBN71Br5MSw8LOTkfC6dONpfYaMm0d4sE7ew6K6Wk1bHhX0sHqPW11bqzh5nvZvVcg9OOxKJWXye2n0D16_9T2t6aueZbUTA_ztt4hb_Rv00WoZeh62JO4YFrvPeWEuSH5wAzOsZuUBbDxTWhB1jstfQmURehQVmuW2H8kcHZtDdFsuy3NV-8KoPuM0GEBQ8aiZ5mXXtKd0Q7dvYBJ3DVYtxWmTFkszqp8DIf1l_xViRwqz5nYlHQkTjUtqPHzeywZwBHzOiM04Ox3VSluhlNdGJjHH44vVbUh190wXoPKlcc16_ZxHF7fZJwJz_1ODhN1pNDrqr4XKP-VX0wtLCmc2FT1dp8bmh4T-ZwUmAWdPwHJVwFZonGZVhZM1gBAyTZC36ubpFvyL_lsfWqLVVm1--5uc32vsYhy-xUSEPJTq4YP6C6L9CeGAsmB1VrjXkXrcpqf1RO0J7EOSOSsr7MOi-gEwEMf4tAc7ArX5NSgDnDHq0niuiUUtTSf8ErrFGB9nCyY5Ua0abUmEBTxjCkrnlweJtdOrYfHbQ4eSyfUFSS7l-6u7oQSY96SvFInG0-3hVZqfiXlPCoOfa4hpXIwemjZzfUBDwpfW6Mv0sFJjujxNA6UITUL4-ZyktvDfrfdPR4D4HIh9hwECO_ng1fxu1cf9c_aU-AhiZ5kowcDJLzo0NHDvFBpJ3QqEvGdFlPbxfOJ2mQcNevjxqCOLLRy2ES82VtOA3wcQrhirU8O_agRkBRcv04sICW7mCN6kSXGe5NjNipC6CYe0Hoiy_c9L_ZpSmvBd032WVa7XfVDYnfaBIyJaTjyIV9adyh2-9zZaEc1TxADq6k6hTTaBa50IS6v9s6QCW4Q1SYJuN0KO0j4kISaNRPx8StLr9dAEbPB7DPs06SgwO7-8wr1opSH7jCJO3mM8pFt4mk4-LS-gJ9o6YxScLeP9otFvf4zftTC6JKJGO985JXnIlxW94WatoSUyjRqh5TRj3n_TLHmqlFbwLZ89zjkYqEm42gj6xc8gNRr545lKuDQz8gnc8uARhOo1j4J6GuMZknUblJmbkFdjtBxqevwUUqIEoA6kTxA4RMeHuIgyUy1AtUyjk069zF3NDjDYDULrlPyg4FD5qo0BOU1MURXONaso5k4zq5zV87bnwymUstV9nC9TQdFnOnDGkFTnf7PCvCpfeIWJW7Fc6exInXN8OMoBbV00HLAp53ZOMH7sjlLp6Cn5nKlGIZkHrOJ2L11Gly_HWe-Tc59Qjxj7jp5zVXJtsSQT_HDAh0w7ROwRKXzyaSbZAHhV--RFpk3sUxauXDO6r8VM6zy22wJmD7uh6sgLWhFRBkRjoanb_jscys0C2ocEDKhapQzIE664LFTl24CSF6J7f_x17BV9WqHsbvjF_o7BgXSDfKFX2jepHJ5YMv5po_zT4qzG-WP9anW44ynvb_Fide5YOZcdwt99WVujdKvbe2rJ_NjDQ4TqPKezLMTQtO5Ckj3Ds3msmFkekYV2GGL6E7rf5G2bcgU8PH37GF7O55luUlzNheBfJjIA9Rul2bR6n2FPL0AdYRPE_91kbW8_0iLfQmpdWh5embwGraRG0Du10az1Gp7haO6HBLpv0SUz5RhfAxGDf9QVIsLVoxWegh7_Jf3qZFdKg4z8afO8y0HgYyqhms1u-3pY1Ds5y-1YIJuYQqfJkJdMEXKS5_mCr-Ka3zxPWMdBvyVdurLH-yl2Nyr_m_wgCsqz5MFu24--XqwPGCTxj-o6sxDGWqJpdLJVHodeK2BejalXF3Ph_Xjmhl432TQlciGx10OZyAmPQ-e5XEFbz9zSfVFYZw4cdR8mfA-atk8StuGSfHsbMdKT8O4ruzWHxjzi3m_feHh5ogSwm9pSCwc3R5deFP-6ITeWk9JrAXDKD-y89uOf-MO-RNmIHhwcMeBtVt6J-l-pV2mmRaUXWL-XfYDkOA2XxFJ_R-6K5-nInM7g87vjU5AywZEqWl7OiNvoxT3HZbqLCROlh64CEe6yOzAQcJxXTyK-qBomGlYU3zh7QZ9heiMNju3-NtW6e6zA9yvk2pFhoTcYKubs2Nj0Xm6qVEdefm2xikSj1g-Moy9QJjnuqd0LUdZud2epZ-yk_nZ-IZO1sCCj5dWCqjohlbWyxLjfzpzkpwFBqfSlC8RQErcOBoBNSLF8dAG3M0Tzo_v6q5MlzN5j0jK4BT1WIk9qiZ32t8TVfA3Kj5k6cjcy8JH8IGeyppHyfLFwU-0mf6v6tKoD8co5V-SoAvZ17CGceTvVCg-lm3YrAQ4sKyopBVgnEnv4GIxssbQa9NFsAWsou8n3UU0acH0CpqeaahES_Hj4GEVKFh77yKPuzxE5qTh2Y5wU_iojfFqH1vQKa88aknMHbu_8DM8XMPOc5ARxlX9cJmO1P2XY23oirQMtMDoZNdfQoJo8W_1Tg8CpgDcuEkt0_YEKgDUsXgSr4jrAK89AFKVfmcuFCA0Li3Pv8oEDgzsXWEsLV7cfeU7j-EcyHW2Lrhy9KzScTb0DofBX_gR3jMlo3S5gJO_nRfvXzHP2v14b2pnqpX9G3_10F6ZFh3YuNH25R4lcZzb98bQZ3D3G8RnsSI9xf43di3jmGk1E3ndzxLJS-KBt6YM8CtAp6rvcBLgQPZBnE0rqLMPm86va-4C5__mHyvUuLFA5mYMftLHCzanddhlFUyhL-IteIv6vPRuqq6wfBZxpv5NnOYS5jhEDXoY5Aw0PGvjPjOnNIxR-5tlqpadM5FHKzlNMveEmJmaP3GJP3pGz5WYdCSNsdLIju0Gy__0A4my5HHGB&cid=CAASEuRois0OoXpCaV3er6mKxhxZBg&rfl=2%2Chttps%253A%252F%252Fwww.nyasatimes.com%242%2Chttps%253A%252F%252F40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:51:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9560
x-xss-protection
0
server
cafe
etag
378257483732583304
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:51:10 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame ECCE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzMwbgbkb4VQfjNb0CC9M6oMP3SpeG8d8a1HxAhD_U3pXazSKNkwMIL-YkuvApN2fQ4udsro2aC1sSb-ns2UbmNnCFrZqbJetu4kx1If8GXbFAiLmuEvcYqzIVGZSketSXRqxfkoYiEDzX_55ZN6i0YyHyRg&cry=1&dbm_d=AKAmf-BBypONiEZC2E_tiPPLpXXva1Vg-nZLuRqyUqcxCkUzqnIj1DfXVPylYaldUP6kiuXcrDyMK6uuflPFPIsr7boHEKfzvAfqFueZWRqamUj7LaAYTnTsMDXWAHBaEVX6lmflLo47IGdT6zX43X8iMyKg3dxMy8_ZT0PSKptt-5y44nMMN7GVm7msfhu9MwBcMJm7RnKU7rKIb6omq8maZfpMjFBGkYoDKbIcK6-CEP9vdsrsuEfAIzfooolZEc0bF2TEPOaTchF2fxkmLKr0QG4fmFGTm3QL4ZGWvlamoB4vLyX22vY6mz509gGYw75QOFHrWbP-sTLpypiOTHWVlpZJuokf-GBqnmaqyGXT4zGvawOjuClcw9n36EjrS_K5LVc1eJ09TLBN71Br5MSw8LOTkfC6dONpfYaMm0d4sE7ew6K6Wk1bHhX0sHqPW11bqzh5nvZvVcg9OOxKJWXye2n0D16_9T2t6aueZbUTA_ztt4hb_Rv00WoZeh62JO4YFrvPeWEuSH5wAzOsZuUBbDxTWhB1jstfQmURehQVmuW2H8kcHZtDdFsuy3NV-8KoPuM0GEBQ8aiZ5mXXtKd0Q7dvYBJ3DVYtxWmTFkszqp8DIf1l_xViRwqz5nYlHQkTjUtqPHzeywZwBHzOiM04Ox3VSluhlNdGJjHH44vVbUh190wXoPKlcc16_ZxHF7fZJwJz_1ODhN1pNDrqr4XKP-VX0wtLCmc2FT1dp8bmh4T-ZwUmAWdPwHJVwFZonGZVhZM1gBAyTZC36ubpFvyL_lsfWqLVVm1--5uc32vsYhy-xUSEPJTq4YP6C6L9CeGAsmB1VrjXkXrcpqf1RO0J7EOSOSsr7MOi-gEwEMf4tAc7ArX5NSgDnDHq0niuiUUtTSf8ErrFGB9nCyY5Ua0abUmEBTxjCkrnlweJtdOrYfHbQ4eSyfUFSS7l-6u7oQSY96SvFInG0-3hVZqfiXlPCoOfa4hpXIwemjZzfUBDwpfW6Mv0sFJjujxNA6UITUL4-ZyktvDfrfdPR4D4HIh9hwECO_ng1fxu1cf9c_aU-AhiZ5kowcDJLzo0NHDvFBpJ3QqEvGdFlPbxfOJ2mQcNevjxqCOLLRy2ES82VtOA3wcQrhirU8O_agRkBRcv04sICW7mCN6kSXGe5NjNipC6CYe0Hoiy_c9L_ZpSmvBd032WVa7XfVDYnfaBIyJaTjyIV9adyh2-9zZaEc1TxADq6k6hTTaBa50IS6v9s6QCW4Q1SYJuN0KO0j4kISaNRPx8StLr9dAEbPB7DPs06SgwO7-8wr1opSH7jCJO3mM8pFt4mk4-LS-gJ9o6YxScLeP9otFvf4zftTC6JKJGO985JXnIlxW94WatoSUyjRqh5TRj3n_TLHmqlFbwLZ89zjkYqEm42gj6xc8gNRr545lKuDQz8gnc8uARhOo1j4J6GuMZknUblJmbkFdjtBxqevwUUqIEoA6kTxA4RMeHuIgyUy1AtUyjk069zF3NDjDYDULrlPyg4FD5qo0BOU1MURXONaso5k4zq5zV87bnwymUstV9nC9TQdFnOnDGkFTnf7PCvCpfeIWJW7Fc6exInXN8OMoBbV00HLAp53ZOMH7sjlLp6Cn5nKlGIZkHrOJ2L11Gly_HWe-Tc59Qjxj7jp5zVXJtsSQT_HDAh0w7ROwRKXzyaSbZAHhV--RFpk3sUxauXDO6r8VM6zy22wJmD7uh6sgLWhFRBkRjoanb_jscys0C2ocEDKhapQzIE664LFTl24CSF6J7f_x17BV9WqHsbvjF_o7BgXSDfKFX2jepHJ5YMv5po_zT4qzG-WP9anW44ynvb_Fide5YOZcdwt99WVujdKvbe2rJ_NjDQ4TqPKezLMTQtO5Ckj3Ds3msmFkekYV2GGL6E7rf5G2bcgU8PH37GF7O55luUlzNheBfJjIA9Rul2bR6n2FPL0AdYRPE_91kbW8_0iLfQmpdWh5embwGraRG0Du10az1Gp7haO6HBLpv0SUz5RhfAxGDf9QVIsLVoxWegh7_Jf3qZFdKg4z8afO8y0HgYyqhms1u-3pY1Ds5y-1YIJuYQqfJkJdMEXKS5_mCr-Ka3zxPWMdBvyVdurLH-yl2Nyr_m_wgCsqz5MFu24--XqwPGCTxj-o6sxDGWqJpdLJVHodeK2BejalXF3Ph_Xjmhl432TQlciGx10OZyAmPQ-e5XEFbz9zSfVFYZw4cdR8mfA-atk8StuGSfHsbMdKT8O4ruzWHxjzi3m_feHh5ogSwm9pSCwc3R5deFP-6ITeWk9JrAXDKD-y89uOf-MO-RNmIHhwcMeBtVt6J-l-pV2mmRaUXWL-XfYDkOA2XxFJ_R-6K5-nInM7g87vjU5AywZEqWl7OiNvoxT3HZbqLCROlh64CEe6yOzAQcJxXTyK-qBomGlYU3zh7QZ9heiMNju3-NtW6e6zA9yvk2pFhoTcYKubs2Nj0Xm6qVEdefm2xikSj1g-Moy9QJjnuqd0LUdZud2epZ-yk_nZ-IZO1sCCj5dWCqjohlbWyxLjfzpzkpwFBqfSlC8RQErcOBoBNSLF8dAG3M0Tzo_v6q5MlzN5j0jK4BT1WIk9qiZ32t8TVfA3Kj5k6cjcy8JH8IGeyppHyfLFwU-0mf6v6tKoD8co5V-SoAvZ17CGceTvVCg-lm3YrAQ4sKyopBVgnEnv4GIxssbQa9NFsAWsou8n3UU0acH0CpqeaahES_Hj4GEVKFh77yKPuzxE5qTh2Y5wU_iojfFqH1vQKa88aknMHbu_8DM8XMPOc5ARxlX9cJmO1P2XY23oirQMtMDoZNdfQoJo8W_1Tg8CpgDcuEkt0_YEKgDUsXgSr4jrAK89AFKVfmcuFCA0Li3Pv8oEDgzsXWEsLV7cfeU7j-EcyHW2Lrhy9KzScTb0DofBX_gR3jMlo3S5gJO_nRfvXzHP2v14b2pnqpX9G3_10F6ZFh3YuNH25R4lcZzb98bQZ3D3G8RnsSI9xf43di3jmGk1E3ndzxLJS-KBt6YM8CtAp6rvcBLgQPZBnE0rqLMPm86va-4C5__mHyvUuLFA5mYMftLHCzanddhlFUyhL-IteIv6vPRuqq6wfBZxpv5NnOYS5jhEDXoY5Aw0PGvjPjOnNIxR-5tlqpadM5FHKzlNMveEmJmaP3GJP3pGz5WYdCSNsdLIju0Gy__0A4my5HHGB&cid=CAASEuRois0OoXpCaV3er6mKxhxZBg&rfl=2%2Chttps%253A%252F%252Fwww.nyasatimes.com%242%2Chttps%253A%252F%252F40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 11:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 08 Nov 2022 11:10:41 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 7352 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C49000376608330150591745889038%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:53 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 22F7 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C49000376608330150591745889038%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87028
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:53 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7352 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C49000376608330150591745889038%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:53 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87028
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
t
t.lkqd.net/ Frame F584 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:53 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:53 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C2B1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 09 Nov 2021 04:55:53 GMT
4727t6qteyti
hal9000.redintelligence.net/zone/ Frame ECCE 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwv0vVf-JYabaL6OT7gOAwrx4tc35g1f82Lmr5QzwLhABIL7_sQpgleKQgqAHyAEJqQKxQAaDMW6zPqgDAaoEjwJP0KUVPd8ktXVoQl0V-YrTbIrmvQoxJTBhA7Ogeik5g1Og392DkuH8DGGlpqb6hRiSuYWCh5EfqxI4oAxVyFb-9zGpi8V4gBI5RRRTyRykb3WwtuJ-YcF8Ts6ULV7Z0P1hHhFaFMXOA5eBDxyaTxorHv8WUBbLM3S4ab4xFK2de9HXu9uX01d-ny5hGhG6fJCn7C9t9JHxv92wBDjfNnCimoNr8bLWG5jisXcAQZPAQGYYRChtJDUYsYHgMFHiDphRAxLwowU9F_RFelLlkIaDbnTAqqhspyXb0xAmoMKOjwnGscleV1yH8DruxHpja55SddUkfC0uCVg-gj9IC__vDpew6XRvTVepRwC4SxamwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRois0OoXpCaV3er6mKxhxZBg%26sig%3DAOD64_0P4Bcba0bR5CGXIB2EKJCIuIVniQ%26client%3Dca-pub-6272874513322487%26dbm_c%3DAKAmf-CKT5c-AhkCOZqbruPx9k5Ri-WzUhNtFE3LstmRLk6O12rjETGXFglycKAb1InzwiC7i9ePyaAp2tFLnSXLMd1MGSA11O-fet7G6ILDonV1mCGWLqStZVcyXnK3Fb6Ac51sSxa_sNHdijRfn-KIqEaH2RnALA%26cry%3D1%26dbm_d%3DAKAmf-DOpV5FJOaEhd8cz62c8DBCKB3gYIutC2_RST1KCpkjUMIU4uMhKVD5ZDJNXGxzSdjV54ZxpK9NW6mKj95GUYKpES09VgFsAOodqSOgm-BjPXsIQ493O1qY1PUVVgf8ohr2d_3cIV7W0L-QzWKmMj9o8cPdpS6p19GnkwWi7C1IYJriSzNTNHFI37PLIdeLzI9wjSqcV2O2v9iy1UYI3AmPJhwj7Xy8RYDv9-Yh97NNX6DSBH2MJVcziguaFqh2RD71TaTDS1uqMwLBAhIytbeow0USGD8yzfj60Lsfzi5dsQdMJggkpbz7vwulW_E__CDfjlnnUV6BE6PWS_8QBNkgOKzGZyVtI4wwLv55Hh9_0QwAZharWTqdvizQwtOLIyOuLl6WJ6fe4UVkcfbi4NYYCFpvLBwjKOGc_fHkaAru0KtTxkHmuJjFUNX5xVZvB1ZsNHd_%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
af8d1de3ef8c9404ae46573a4d16368841714c0c16d2a6a805840b0a0144e79c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:53 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3936
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 7352 		27 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C49000376608330150591745889038%2C%2C&us_privacy=&cb=1636433753291&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:53&ranreq=0.08992428350085291&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C49000376608330150591745889038%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:53 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9D9D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 08 Nov 2021 11:10:41 GMT
expires
Tue, 08 Nov 2022 11:10:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
63912
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A694 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 08 Nov 2021 19:53:47 GMT
expires
Tue, 08 Nov 2022 19:53:47 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
32526
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C6B5 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6a111b8ffceaa622f173dc7133289c6c92bbb51def7bb5aec5dbc81616deb1de
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FJs1Mqvj32T16XGF6BblFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 09 Nov 2021 04:55:53 GMT
date
Tue, 09 Nov 2021 04:55:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-FJs1Mqvj32T16XGF6BblFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request.php
hal900019.redintelligence.net/ Frame ECCE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=dd070cf336&subid=&uid=ae459e4e010b5f55&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwv0vVf-JYabaL6OT7gOAwrx4tc35g1f82Lmr5QzwLhABIL7_sQpgleKQgqAHyAEJqQKxQAaDMW6zPqgDAaoEjwJP0KUVPd8ktXVoQl0V-YrTbIrmvQoxJTBhA7Ogeik5g1Og392DkuH8DGGlpqb6hRiSuYWCh5EfqxI4oAxVyFb-9zGpi8V4gBI5RRRTyRykb3WwtuJ-YcF8Ts6ULV7Z0P1hHhFaFMXOA5eBDxyaTxorHv8WUBbLM3S4ab4xFK2de9HXu9uX01d-ny5hGhG6fJCn7C9t9JHxv92wBDjfNnCimoNr8bLWG5jisXcAQZPAQGYYRChtJDUYsYHgMFHiDphRAxLwowU9F_RFelLlkIaDbnTAqqhspyXb0xAmoMKOjwnGscleV1yH8DruxHpja55SddUkfC0uCVg-gj9IC__vDpew6XRvTVepRwC4SxamwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRois0OoXpCaV3er6mKxhxZBg%26sig%3DAOD64_0P4Bcba0bR5CGXIB2EKJCIuIVniQ%26client%3Dca-pub-6272874513322487%26dbm_c%3DAKAmf-CKT5c-AhkCOZqbruPx9k5Ri-WzUhNtFE3LstmRLk6O12rjETGXFglycKAb1InzwiC7i9ePyaAp2tFLnSXLMd1MGSA11O-fet7G6ILDonV1mCGWLqStZVcyXnK3Fb6Ac51sSxa_sNHdijRfn-KIqEaH2RnALA%26cry%3D1%26dbm_d%3DAKAmf-DOpV5FJOaEhd8cz62c8DBCKB3gYIutC2_RST1KCpkjUMIU4uMhKVD5ZDJNXGxzSdjV54ZxpK9NW6mKj95GUYKpES09VgFsAOodqSOgm-BjPXsIQ493O1qY1PUVVgf8ohr2d_3cIV7W0L-QzWKmMj9o8cPdpS6p19GnkwWi7C1IYJriSzNTNHFI37PLIdeLzI9wjSqcV2O2v9iy1UYI3AmPJhwj7Xy8RYDv9-Yh97NNX6DSBH2MJVcziguaFqh2RD71TaTDS1uqMwLBAhIytbeow0USGD8yzfj60Lsfzi5dsQdMJggkpbz7vwulW_E__CDfjlnnUV6BE6PWS_8QBNkgOKzGZyVtI4wwLv55Hh9_0QwAZharWTqdvizQwtOLIyOuLl6WJ6fe4UVkcfbi4NYYCFpvLBwjKOGc_fHkaAru0KtTxkHmuJjFUNX5xVZvB1ZsNHd_%26adurl%3D&documentReferer=https%3A%2F%2F40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.nyasatimes.com&random=3323785469751&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwv0vVf-JYabaL6OT7gOAwrx4tc35g1f82Lmr5QzwLhABIL7_sQpgleKQgqAHyAEJqQKxQAaDMW6zPqgDAaoEjwJP0KUVPd8ktXVoQl0V-YrTbIrmvQoxJTBhA7Ogeik5g1Og392DkuH8DGGlpqb6hRiSuYWCh5EfqxI4oAxVyFb-9zGpi8V4gBI5RRRTyRykb3WwtuJ-YcF8Ts6ULV7Z0P1hHhFaFMXOA5eBDxyaTxorHv8WUBbLM3S4ab4xFK2de9HXu9uX01d-ny5hGhG6fJCn7C9t9JHxv92wBDjfNnCimoNr8bLWG5jisXcAQZPAQGYYRChtJDUYsYHgMFHiDphRAxLwowU9F_RFelLlkIaDbnTAqqhspyXb0xAmoMKOjwnGscleV1yH8DruxHpja55SddUkfC0uCVg-gj9IC__vDpew6XRvTVepRwC4SxamwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRois0OoXpCaV3er6mKxhxZBg%26sig%3DAOD64_0P4Bcba0bR5CGXIB2EKJCIuIVniQ%26client%3Dca-pub-6272874513322487%26dbm_c%3DAKAmf-CKT5c-AhkCOZqbruPx9k5Ri-WzUhNtFE3LstmRLk6O12rjETGXFglycKAb1InzwiC7i9ePyaAp2tFLnSXLMd1MGSA11O-fet7G6ILDonV1mCGWLqStZVcyXnK3Fb6Ac51sSxa_sNHdijRfn-KIqEaH2RnALA%26cry%3D1%26dbm_d%3DAKAmf-DOpV5FJOaEhd8cz62c8DBCKB3gYIutC2_RST1KCpkjUMIU4uMhKVD5ZDJNXGxzSdjV54ZxpK9NW6mKj95GUYKpES09VgFsAOodqSOgm-BjPXsIQ493O1qY1PUVVgf8ohr2d_3cIV7W0L-QzWKmMj9o8cPdpS6p19GnkwWi7C1IYJriSzNTNHFI37PLIdeLzI9wjSqcV2O2v9iy1UYI3AmPJhwj7Xy8RYDv9-Yh97NNX6DSBH2MJVcziguaFqh2RD71TaTDS1uqMwLBAhIytbeow0USGD8yzfj60Lsfzi5dsQdMJggkpbz7vwulW_E__CDfjlnnUV6BE6PWS_8QBNkgOKzGZyVtI4wwLv55Hh9_0QwAZharWTqdvizQwtOLIyOuLl6WJ6fe4UVkcfbi4NYYCFpvLBwjKOGc_fHkaAru0KtTxkHmuJjFUNX5xVZvB1ZsNHd_%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
314b1f34c440e490a4b19a2ae99a0a4a9d27fc4406f1be3544a067e8a37840f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
33506400014560200710612011773019
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1096
Expires
Tue, 09 Nov 2021 04:55:53 +0100
view.aspx
pb.media01.eu/ Frame 8B44
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=33506400014560200710612011773019&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=33506400014560200710612011773019&actionid=879111&produktid=ratenkredit&dt_url=
0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=33506400014560200710612011773019&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=dd070cf336&subid=&uid=ae459e4e010b5f55&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwv0vVf-JYabaL6OT7gOAwrx4tc35g1f82Lmr5QzwLhABIL7_sQpgleKQgqAHyAEJqQKxQAaDMW6zPqgDAaoEjwJP0KUVPd8ktXVoQl0V-YrTbIrmvQoxJTBhA7Ogeik5g1Og392DkuH8DGGlpqb6hRiSuYWCh5EfqxI4oAxVyFb-9zGpi8V4gBI5RRRTyRykb3WwtuJ-YcF8Ts6ULV7Z0P1hHhFaFMXOA5eBDxyaTxorHv8WUBbLM3S4ab4xFK2de9HXu9uX01d-ny5hGhG6fJCn7C9t9JHxv92wBDjfNnCimoNr8bLWG5jisXcAQZPAQGYYRChtJDUYsYHgMFHiDphRAxLwowU9F_RFelLlkIaDbnTAqqhspyXb0xAmoMKOjwnGscleV1yH8DruxHpja55SddUkfC0uCVg-gj9IC__vDpew6XRvTVepRwC4SxamwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRois0OoXpCaV3er6mKxhxZBg%26sig%3DAOD64_0P4Bcba0bR5CGXIB2EKJCIuIVniQ%26client%3Dca-pub-6272874513322487%26dbm_c%3DAKAmf-CKT5c-AhkCOZqbruPx9k5Ri-WzUhNtFE3LstmRLk6O12rjETGXFglycKAb1InzwiC7i9ePyaAp2tFLnSXLMd1MGSA11O-fet7G6ILDonV1mCGWLqStZVcyXnK3Fb6Ac51sSxa_sNHdijRfn-KIqEaH2RnALA%26cry%3D1%26dbm_d%3DAKAmf-DOpV5FJOaEhd8cz62c8DBCKB3gYIutC2_RST1KCpkjUMIU4uMhKVD5ZDJNXGxzSdjV54ZxpK9NW6mKj95GUYKpES09VgFsAOodqSOgm-BjPXsIQ493O1qY1PUVVgf8ohr2d_3cIV7W0L-QzWKmMj9o8cPdpS6p19GnkwWi7C1IYJriSzNTNHFI37PLIdeLzI9wjSqcV2O2v9iy1UYI3AmPJhwj7Xy8RYDv9-Yh97NNX6DSBH2MJVcziguaFqh2RD71TaTDS1uqMwLBAhIytbeow0USGD8yzfj60Lsfzi5dsQdMJggkpbz7vwulW_E__CDfjlnnUV6BE6PWS_8QBNkgOKzGZyVtI4wwLv55Hh9_0QwAZharWTqdvizQwtOLIyOuLl6WJ6fe4UVkcfbi4NYYCFpvLBwjKOGc_fHkaAru0KtTxkHmuJjFUNX5xVZvB1ZsNHd_%26adurl%3D&documentReferer=https%3A%2F%2F40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.nyasatimes.com&random=3323785469751&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Schwaig, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 09 Nov 2021 05:55:53 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Tue, 09 Nov 2021 04:55:53 GMT
content-length
0

Redirect headers

Server
nginx/1.19.7
Date
Tue, 09 Nov 2021 04:55:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Keep-Alive
timeout=20
X-Powered-By
PHP/7.2.34
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials
true
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=33506400014560200710612011773019&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID
B9D59BA5:C176_91EFC182:01BB_6189FF59_6F3821D:2A265
X-IPLB-Instance
40028
Cache-control
private
activityi;dc_pre=CNr77-S-ivQCFRME4AodtSwFMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7111219509845.03
8019191.fls.doubleclick.net/ Frame D728
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7111219509845.03?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CNr77-S-ivQCFRME4AodtSwFMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7111219509845.03?
390 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CNr77-S-ivQCFRME4AodtSwFMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7111219509845.03?
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
81b4b620739e7a15c3ef161b6a9d7025e65415add7b7e05cf29e2bd7a9691ea7
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 09 Nov 2021 04:55:54 GMT
expires
Tue, 09 Nov 2021 04:55:54 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 09 Nov 2021 04:55:54 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CNr77-S-ivQCFRME4AodtSwFMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7111219509845.03?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900019.redintelligence.net/ Frame 64AD 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/request_content.php?s=33506400014560200710612011773019&a=383cb0cc
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=dd070cf336&subid=&uid=ae459e4e010b5f55&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwv0vVf-JYabaL6OT7gOAwrx4tc35g1f82Lmr5QzwLhABIL7_sQpgleKQgqAHyAEJqQKxQAaDMW6zPqgDAaoEjwJP0KUVPd8ktXVoQl0V-YrTbIrmvQoxJTBhA7Ogeik5g1Og392DkuH8DGGlpqb6hRiSuYWCh5EfqxI4oAxVyFb-9zGpi8V4gBI5RRRTyRykb3WwtuJ-YcF8Ts6ULV7Z0P1hHhFaFMXOA5eBDxyaTxorHv8WUBbLM3S4ab4xFK2de9HXu9uX01d-ny5hGhG6fJCn7C9t9JHxv92wBDjfNnCimoNr8bLWG5jisXcAQZPAQGYYRChtJDUYsYHgMFHiDphRAxLwowU9F_RFelLlkIaDbnTAqqhspyXb0xAmoMKOjwnGscleV1yH8DruxHpja55SddUkfC0uCVg-gj9IC__vDpew6XRvTVepRwC4SxamwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRois0OoXpCaV3er6mKxhxZBg%26sig%3DAOD64_0P4Bcba0bR5CGXIB2EKJCIuIVniQ%26client%3Dca-pub-6272874513322487%26dbm_c%3DAKAmf-CKT5c-AhkCOZqbruPx9k5Ri-WzUhNtFE3LstmRLk6O12rjETGXFglycKAb1InzwiC7i9ePyaAp2tFLnSXLMd1MGSA11O-fet7G6ILDonV1mCGWLqStZVcyXnK3Fb6Ac51sSxa_sNHdijRfn-KIqEaH2RnALA%26cry%3D1%26dbm_d%3DAKAmf-DOpV5FJOaEhd8cz62c8DBCKB3gYIutC2_RST1KCpkjUMIU4uMhKVD5ZDJNXGxzSdjV54ZxpK9NW6mKj95GUYKpES09VgFsAOodqSOgm-BjPXsIQ493O1qY1PUVVgf8ohr2d_3cIV7W0L-QzWKmMj9o8cPdpS6p19GnkwWi7C1IYJriSzNTNHFI37PLIdeLzI9wjSqcV2O2v9iy1UYI3AmPJhwj7Xy8RYDv9-Yh97NNX6DSBH2MJVcziguaFqh2RD71TaTDS1uqMwLBAhIytbeow0USGD8yzfj60Lsfzi5dsQdMJggkpbz7vwulW_E__CDfjlnnUV6BE6PWS_8QBNkgOKzGZyVtI4wwLv55Hh9_0QwAZharWTqdvizQwtOLIyOuLl6WJ6fe4UVkcfbi4NYYCFpvLBwjKOGc_fHkaAru0KtTxkHmuJjFUNX5xVZvB1ZsNHd_%26adurl%3D&documentReferer=https%3A%2F%2F40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.nyasatimes.com&random=3323785469751&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e2643009f7263a2cc8e069d89771f44f723bb615262aed3eb26dae41023edd92

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

Date
Tue, 09 Nov 2021 04:55:53 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 09 Nov 2021 04:55:53 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2062
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame ECCE
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=33506400014560200710612011773019
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=33506400014560200710612011773019
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 05:00:02 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Tue, 09 Nov 2021 04:55:53 GMT
Server
nginx/1.19.7
X-IPLB-Request-ID
B9D59BA5:C176_91EFC182:01BB_6189FF59_6F38220:2A265
X-Powered-By
PHP/7.2.34
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type
text/html; charset=UTF-8
Location
https://ad-server.eu/wm/pb/native.png
Cache-control
private
Transfer-Encoding
chunked
Keep-Alive
timeout=20
cshow.php
www.awin1.com/ Frame ECCE 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=33506400014560200710612011773019&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:53 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame ECCE 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2601051&v=18332&q=376776&r=296283&pref1=33506400014560200710612011773019&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:53 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3AF7 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 08 Nov 2021 18:26:41 GMT
expires
Tue, 09 Nov 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
37752
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame ECCE 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
309fcbd049e701f4b1759286ec9d58f6bf0f3ce913623f3a57518219e964e63e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 64AD 		1 KB
420 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=33506400014560200710612011773019&a=383cb0cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 03:31:43 GMT
server
ESF
date
Tue, 09 Nov 2021 04:55:54 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Tue, 09 Nov 2021 04:55:54 GMT
/
hal9000.redintelligence.net/scale/ Frame 64AD 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=33506400014560200710612011773019&a=383cb0cc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ecd1add1790844329ee5df6d91e99e7f9d50ef9dbb1cdb7e0b851f80ae7fed62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:54 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16248
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 64AD 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=33506400014560200710612011773019&a=383cb0cc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6462f59072e92f77915cfb30aebb3c3e1813ce7e502476d9b567900fb65e968b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:54 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16857
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 64AD 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52343/creativesup/1200x627_2.jpg
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=33506400014560200710612011773019&a=383cb0cc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
18b3bd5064e97764c244353b1dd81639218ecf33c3d04312518b6969d6618144

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:54 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15249
Vary
Accept-Encoding
Content-Type
image/png
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame DDE1 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C7522160614900037660833015059%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:54 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
track
aktrack.pubmatic.com/ Frame 7352 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433754&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:54 GMT
content-length
0
content-type
text/html
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame 9D9D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 20:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
31977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 20:02:57 GMT
pixel
cm.g.doubleclick.net/ Frame 3AF7
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKJeg7AdQFTgfPvtTv8nZGjGz3ANJoYzf8MYDC...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVluLVNnQURMTXJqbUFBeg&google_push=AYg5qPKJeg7AdQFTgfPvtTv8nZGjGz3ANJoYzf8MYDC3WBD3A6U5-GPp6dCS0o3Fi9mU2dUazLu6V6fePsXUUZUo-pj0Nm3zWk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVluLVNnQURMTXJqbUFBeg&google_push=AYg5qPKJeg7AdQFTgfPvtTv8nZGjGz3ANJoYzf8MYDC3WBD3A6U5-GPp6dCS0o3Fi9mU2dUazLu6V6fePsXUUZUo-pj0Nm3zWk0WAw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVluLVNnQURMTXJqbUFBeg&google_push=AYg5qPKJeg7AdQFTgfPvtTv8nZGjGz3ANJoYzf8MYDC3WBD3A6U5-GPp6dCS0o3Fi9mU2dUazLu6V6fePsXUUZUo-pj0Nm3zWk0WAw
Date
Tue, 09 Nov 2021 04:55:54 GMT
Server
Apache
Connection
keep-alive
Content-Length
393
Content-Type
text/html; charset=iso-8859-1
466606.gif
id.rlcdn.com/ Frame 3AF7 		42 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJVfxvVSWAlFKo4gMLE59rdHx_KqJquoYDP37d3OyaMRjbJ4oq5qN5j_kobVj2LrZqEBlRKYEDVLFuJDf3PQLky7MEZzR4qHw&google_gid=CAESEAC8382M2fNFENlKYHnQQc4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:54 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
pixel
cm.g.doubleclick.net/ Frame 3AF7
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJplXJD...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDkwNDU1NTIwMDAxODQ0MjYxNjkyMQ%3D%3D&google_push=AYg5qPJplXJDqfjpo37lV45FC2O19p5MmfGjwXlaH9paw0PxEeDzFbum-TiUj_1DchEF2Q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDkwNDU1NTIwMDAxODQ0MjYxNjkyMQ%3D%3D&google_push=AYg5qPJplXJDqfjpo37lV45FC2O19p5MmfGjwXlaH9paw0PxEeDzFbum-TiUj_1DchEF2Q_LpKS7Vr38b48HZBtYxfLbivlnEW3V
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDkwNDU1NTIwMDAxODQ0MjYxNjkyMQ%3D%3D&google_push=AYg5qPJplXJDqfjpo37lV45FC2O19p5MmfGjwXlaH9paw0PxEeDzFbum-TiUj_1DchEF2Q_LpKS7Vr38b48HZBtYxfLbivlnEW3V
pragma
no-cache
date
Tue, 09 Nov 2021 04:55:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Tue, 09 Nov 2021 04:55:54 GMT
pixel
cm.g.doubleclick.net/ Frame 3AF7
Redirect Chain
  • https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESEN2v0BCUBvuZRM46eS73ot0&google_cver=1&google_push=AYg5qPJkE55ELUDIJSfIU-AfiOhsC0_9t0zSRhhm9_5crPsJLL0-9lsOE3QP...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGNmMThhNmItYjU0Yi0yMmUzLWYzYzUtNzQxYjEyNmI1YmVh
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGNmMThhNmItYjU0Yi0yMmUzLWYzYzUtNzQxYjEyNmI1YmVh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 09 Nov 2021 04:55:54 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGNmMThhNmItYjU0Yi0yMmUzLWYzYzUtNzQxYjEyNmI1YmVh
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
pixel
cm.g.doubleclick.net/ Frame 3AF7
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qv20G-isSp-kIiJBC84r0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qv20G-isSp-kIiJBC84r0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL4NWkD3oqebNDaNJLjEi56QzUtrTZ78ZY8Twfh0__jL4ovOCAxhzGEZy_tNOWZHGDfm1cJa7ei0vIt1MRJxCAtnFugIUOoLQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qv20G-isSp-kIiJBC84r0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL4NWkD3oqebNDaNJLjEi56QzUtrTZ78ZY8Twfh0__jL4ovOCAxhzGEZy_tNOWZHGDfm1cJa7ei0vIt1MRJxCAtnFugIUOoLQ
date
Tue, 09 Nov 2021 04:55:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 3AF7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEJzLms53leo2ZB2HTLKSe78&google_cver=1&google_push=AYg5qPJYEkebS1gjEWm2XXNpYHH2pccjQEAsZrAH9ap8tk1_YqxMXEOSYIQ-mI_O9YrsNHM4oRdNc20...
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cma
dsum-sec.casalemedia.com/ Frame 3AF7 		43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/cma?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_10}&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_cver=1&google_push=AYg5qPJ9D1oyvEe7lVADh9aIS7tqblexQvqR_gEDySDnjidQX1XeX2MNefZkaBVPvNhTm6U1I-wYkDZYb3V2_9EsKUHCa9K0wT3k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 09 Nov 2021 04:55:54 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3AF7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2Klxe3g7WnbQj-CPXTHQuy8l8l3qbYCwB2yCAuUsss6-qI-KwkknHGH1Lhk5FXkTZEcy5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
showad.js
ads.pubmatic.com/AdServer/js/ Frame E88D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C7522160614900037660833015059%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87027
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:54 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame DDE1 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C7522160614900037660833015059%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:54 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87027
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
t
t.lkqd.net/ Frame F584 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:54 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:54 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
dc_pre=CNr77-S-ivQCFRME4AodtSwFMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7111219509845.03
adservice.google.com/ddm/fls/z/ Frame D728 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNr77-S-ivQCFRME4AodtSwFMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7111219509845.03
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNr77-S-ivQCFRME4AodtSwFMw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7111219509845.03?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900019.redintelligence.net/ Frame 64AD 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/viewability?s=33506400014560200710612011773019&a=8d195320&vb=m
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=33506400014560200710612011773019&a=383cb0cc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/request_content.php?s=33506400014560200710612011773019&a=383cb0cc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:54 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D9D 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_f5UV_-JYdWaGvqx7_UPovSU6AYAAAAAOAHgBAI&bg=!np2lndnNAAYH3anuB907ACkAdvg8Wq4GLhTJpylzIglYa7KABd75CFgF3TWtNA79gDgLE3gpPoFejgIAAABjUgAAAAloAQcKAFRoNDx73k4OjXusrfLsQ6QzMiAVNFo45Nne82_--TkmgXGbNyqqY-8YjkiA3Mf6GphJk4_Hl--PXIbs6UaExm25CvwYeRVedVpNGMthfqF4kxRS9maZAzP5j4cdrYQIF7Vpr6ZLnObdTbqQSGY7ZRaKELuMKEbzTZHXcvE8s4z5-hraE0frVlKxEnyrPpLKsMSk_LaZLpHM21g6T8w5ZWW-9X0DtpS-JSmMVwtg2We9SJ_sjdRXKS33JB1GnNgQbQkoipWkF7T1nvfww-JVnX7tPuHW8cYNTThq6qnI6kewRqcI-lraJn5mR-Hx6eh1TTRe5edBOC1oC8geDtCmeT2X5SPm2RablLFEekH_xfBSKBPHxfXi3ubmNfNodGD8xILnqwxsvY7Zuguw3cy0cmYwIOTFbbTOKn0JZk8XtZqq5ucOIKIMr4N8ccfZuyysp6qKuo1u_gjL9igSdvMLXeiuNjQlldLPHde5IzabNQS0V5CLUtcehn8g7I8YHH_JI7IPXUo1cfyWZwGvhTGPB85Y52OtA4zDBofx16EcrbdwwOxXk8qTOGsnhgxgGobT4x6KI0L_K5TlUrl8fOABIwcrxExYT2YZdfrQTmsbC9O6Lga7Y07ZHVlxCG3FtXI-1nL-hZoZXV4xI6HCUG0Elzes3PMRsET6uoaeMajMEH3v3ZCegI5qx1BmE9fCc0_2fWBPyLJuv1eo2uwgC6W7DLfnoyPtIvkzhvNeZ6N_XUqaOnKUFtrPesAo2Sr66nBEnXU2vS6xyzv5iUGcDeEIIubCnZ4I46oUzUjGHTbqSVYWi90siy7QpiUjFcL7emoM12EHyoIuZGjrnur_sedR-QPhreFmYObAAup0PZltjkY-Ekj1at2fNAgmzTtLkriezEQ70zGiBLBcN8ymWhElh53kq47w9F2VZ91nYvpAXYoeB1SFg-vxJYIjbyX8au3Uwv6NGLXBQyM34QbAgEgqZeiXiHkm-bRR43l9zgJG4XloF2nYWmeHBTDdZWO2YytSq4IE03PTPMMByxUKtck8cisqz-3Jp7wiLSqJirS7A-VtDrxB6hgalqa2R2SA8hPw4JW841DKU7ZZaEaNJkOFaMR-7TH_jg0ODTXnZhebQYfSPIshDxHEQQjyBBASD5s6HYtixMsbr7lIWNdWc0xU79o3UKaUAQyD6Z1o8-DKyr-7sdOIOVX-PV9S-e4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6272874513322487&output=html&h=90&slotname=8623798812&adk=3893537616&adf=776186306&pi=t.ma~as.8623798812&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.nyasatimes.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433743870&bpp=4&bdt=6496&idt=5866&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&correlator=4653366252255&frm=24&ife=3&pv=2&ga_vid=702292323.1636433750&ga_sid=1636433750&ga_hid=1407238254&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1565869666&scr_x=-12245933&scr_y=-12245933&eid=44754331%2C31063355%2C31063681&oid=2&pvsid=1907843007424657&pem=848&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kp2obwvw52ai&fsb=1&dtd=5883
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C6B5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211103&jk=1329697686204708&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
AdServerServlet
vid.pubmatic.com/AdServer/ Frame DDE1 		27 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C7522160614900037660833015059%2C%2C&us_privacy=&cb=1636433754066&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:54&ranreq=0.5081549932655689&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C7522160614900037660833015059%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:54 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 5DF3 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C49000376608330150591668537246%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:54 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
track
aktrack.pubmatic.com/ Frame DDE1 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433755&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:54 GMT
content-length
0
content-type
text/html
showad.js
ads.pubmatic.com/AdServer/js/ Frame AE04 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C49000376608330150591668537246%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=87027
expires
Wed, 10 Nov 2021 05:06:21 GMT
date
Tue, 09 Nov 2021 04:55:54 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5DF3 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C49000376608330150591668537246%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:54 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87027
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Wed, 10 Nov 2021 05:06:21 GMT
t
t.lkqd.net/ Frame F584 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:54 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:54 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame A694 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 20:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
31977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 20:02:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 40B1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTlh1LLiFdjxEfplgU5FZaLZQT9I8jj48zF-VfmeplS6N1aQqz8hioS3-3L546ix7moXU3dctoj-aG2IeCXA3SSQqYNZ7oVA2KorhR629u8GuqwJOrLrulXDAaQYRex32fzqHa6-W1FflW5UKPfM7I_IcjnkEdB_Ins2D324SriTPTpepsPcxnubHIoCQ2TkklFFMKrsFBRwhZugBNeNviN_2YtIkcFH2bpzY-H_K3X_2G2L_MRSpsEEi72mcqk7NHpxm4r3PykCEvOpERXjX4rXy6h9fpliNqtIEZiLST5xlTK81_aeS2bfOi6RnHkQ&sai=AMfl-YRs9RJoUiYasXhRQLIbfw67bE5QlS4br-0J3mrrop27qW2BEFm8hNYIHH1WOl2ysjeM3PIjAHFDd-EicHb4iXlkr49P9Krqt-423ewCdQ79Ur2ausYbQxogQj54rCY&sig=Cg0ArKJSzLWG4T3NVA5xEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 04:55:54 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 40B1 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211103&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com&bust=31063681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdd3b7a9d7513226208fcf544105497b89ad561b2fb9e86a6df5b9f6aa1de4cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9244
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C2B1 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211103&jk=1329697686204708&bg=!FRalFlLNAAYH3anuB907ACkAdvg8WkULtTnEJKUQ41hxIdFR96jk_lTOo2xpRXTOCuuGgQtWdlE_iwIAAABdUgAAAAZoAQeZAwr5rSQ0xBp1dCfBD41rpj_0oGeK98nbNqRPTH2d4Z6PQSHHwcRBW7ueWl2gppnGs4_99W3TzVtFDJTOLTmeqLKjyGoeTCamyPoC8WHY1kH-El7xg9ni3AV9H-fbOkUKRUhMa8xhVYugBfDXO3LqI5vAoKdXm-MvgFykDnnccDnBPj7VdMFKyLiHdMf-Rdra7qf_3ox5UnWwj9SH3lzrq1J1U7KBBoqtnLhA9thcIvwPmHFyQsdQs2MlTZOTez0s8nqMpFgw0XAinE9vVH-TieqzYQgN9nkyt7aTD4M3mCC7nVrLeVwYy3wGCxu1RGc-7D3GsoSj6fcqfVh7Df4A1wCr3rPvwvpVC1RfxeKSHmz20XvRWasaunSgAqJj8gNOq3OndvXPJ4Ga9b8-cDF3AuqxrnbS5g-MqV_e_F3Nz5Cgk9AUXQnl0bzfwp4Ai3KraKdkIPSQ1Rjb8_RA4F9vH_FEKjTV1h6q3lgR9k61tI0N3PH-JEb6uhabDuOA09EUb5HoNgbWF4-ZMOZR-jQC1bHRR2kFlabWx-5ALXVx3HFGu58AVLsV_0aT86fjWi392yNbR4u4nsKucTu_anTrdum8r50GZE0_bERI1fnPVwkimILyYZv26Uw2DCVDh560YwjRKK2xN7_GtH6Kg4aGhQGWp4STM64TO6RjU97s0mgChPm2LANWURtpNvIAKsXYqdtZjpZltzcftxMhRWLuE7HorikXKN2jU70613kzk5rf78ruWLhcshBwWAvIEVoCLYeR83q6Pu13dcdKG9OUVgXgD_kJKE7PBZPVMOkU0mu2Ept4kwxkENOmFwX55rKj-hORhMhmnzsQQMoeAGnHiN0Uj1D4SavoZS-fPoMr7_8yIsbGaJ03W3JXBGBTIySvVABk5mfoKEkIbBjkO2KF3XACspjH4wIMgiztIoEXuGghvLsbLLtJN5uzBybCEcu013W1n7IupfbO3XZ-0lGjKP1m5zHov4Jv6JHkDlNIfWpxML1YCOX1tJA4b3yY8OCWMJpSABkddagpehp9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 5DF3 		27 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C49000376608330150591668537246%2C%2C&us_privacy=&cb=1636433754685&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.nyasatimes.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.nyasatimes.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-9%204:55:55&ranreq=0.9540755234692442&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C49000376608330150591668537246%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:55 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:55 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
t
t.lkqd.net/ Frame F584 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:55 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
track
aktrack.pubmatic.com/ Frame 5DF3 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1636433755&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:55 GMT
content-length
0
content-type
text/html
ad
v.lkqd.net/ Frame 239D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=49596290&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a098436a5df97c9e10e0870b603556e804b32b071c16c335b7689471c338df0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:55 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1355
vpaid.js
ad.lkqd.net/vpaid/ Frame 1A95 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:55 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1636433755.cds125.am5.hn,1636433755.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame A1E0 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 09 Nov 2021 04:55:55 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1636433755.cds125.am5.hn,1636433755.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 1A95 		104 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=49596290&m=&rtv=1&thost=www.nyasatimes.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
8b532cfa4638bb3fae52654079210c96bc6cb02a446d86704635e8549c4211cf

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Nov 2021 04:55:56 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
7073
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=49596290&m=&rtv=1&thost=www.nyasatimes.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:55 GMT
content-length
0
access-control-allow-origin
https://www.nyasatimes.com
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
cs
cs.lkqd.net/ Frame A1E0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:56 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame A1E0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:56 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame A1E0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:56 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame A1E0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:56 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame A1E0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.196 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:56 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2910766924132551182
pragma
no-cache
date
Tue, 09 Nov 2021 04:55:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
index.html
s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/ Frame 0A64 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6e541472551caa8d2c620d2438679f08bef67374293fda859177346886f988f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
1427
date
Mon, 08 Nov 2021 14:23:52 GMT
expires
Tue, 09 Nov 2021 14:23:52 GMT
last-modified
Fri, 29 Oct 2021 14:26:36 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
52324
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 3C29 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdK00ea_3OHKQGJQJSSAjhEkNldlt3MU2hD42Ar2Cw7vZmchK0dLlF2HJ-xfXGkZpj-aVCysLT8mzk3briyDScHO8sJbdaFg5twtiOj0TGGGrB9FhbfUP_c51PRGHfLHRXws2e_cggLAW_FzT3eXn0baHqupEGt4p1F7v59z9mbrba62LaLGScRs9lnYP31qssFdAiWqvkQOvIRBOnh01Fc-i3QMl4I_1chi0ioP9Td7CowGk_NBOH9LHHidWNEXHbvQdJytU9OEIObLjGIsVVNKAUVbmU9i1aa2564c55atV6IzwIQu1nLLoKqkQMH_2_w4Tid7KUs9tcsJ1_CenAGsHdqXIgKF8kb6xQAgx-3_LnzcAkJ3PV9pNIVCk3u3iQInFhMEidiklIfTSSs_KftM6FhnoOL50drXb1H58cmykJZ5WSo4lkP3tMW3Ukmn5svOofIObG3aAeG6zgpVsIbSFe-WThDm7R2xkWtgcm7614H2f__aEg6CRqlaDE8m484edNcJ21VP8B0979giMPQF_RR0zxslzB43_WsAzwLHIfi26vRysGHTxjmyT2Zsr2Jvc4RxpU-UgyCMoOKnIPfEt6aP5UWZUnrVxdQkiXRM1BYj6hu63JYE0HTzRhXKWUXIcGdLoI7hZX4xUXu8DgiVC6_rlEgOj2N_aokHaenBi3_aMEXT9vROmV-IivbuKwQppbtkq98b_ViydQfNz5uWyUykvYVgO4D9Yt2JNBzy0XYVtGWDoPah4uQs4plDWHKKSZLUuwAbAsQiMJqGnf_HffbndZd2N7pePBsc8-VsOrLjDrb3DPTIGgGAh4S6NAyKmTE0gE1Fa1iKUU750ovXRIOgm2UMvfOuUY10-Pan3W1Rvp9JoJbt5YUk1liiF2JRmpRWASwfLfgFE8z0K0t5xRWXH5C6sczQH6aYckQF7Vkpdv-GRuj1XCnhLW9sD4P2ej5RN1Tbz3Zpp0IZ19UxQQrUci7-3ahYjpXuVP8JFGaqgASTEBlUvKmw0FfEuicDB6OrFZAZw1cfqgu43I-F3GOOPGPSWqokTbzl238pSsmec1V9L9f5KRXMjOMRwvfkQAnru9_wINvKiM7-AatNmEjxqe6VDSIDaRDL7B-ePsVNSxCAhKpdqw6QzsCX0BuVjEfroQIjE_Enamq2-wMiTByEpY7sbLDjpSQkbtBKCTyqpxswuaB4YN8bJqVeau_Fku7RAtj3GAtL3l6Ym9PmZxyEBzWW4Tnw&sai=AMfl-YQGD77DIF2UZn0udaGgQU7LXL0SxxMEhsE4YrFxDjruvQ4nBI1NkRM64yomgfm9dzf8ahH9iaK-hBHIWJK8ltaN_86LcyvrBeWQCsWbdSnAYIwaztRPy_EV_MzRAFXXBjFqhyp7-89bvmH8wS8P3hjyzgCjw8uuJls-LAw&sig=Cg0ArKJSzGNkkGqPWxXZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=18198&cbvp=1&cstd=18194&cisv=r20211103.38681&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 09 Nov 2021 04:55:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 40B1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com&bust=31063681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 09 Nov 2021 04:55:56 GMT
t
t.lkqd.net/ Frame 2330 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:56 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:56 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
/
adx.adform.net/adx/ 		65 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.nyasatimes.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:56 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
218945
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.nyasatimes.com%2F&cb=219024075&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2689063147895070768160919743%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:56 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000839
X-SpotX-Timing-SpotMarket
0.009801
X-SpotX-Timing-Page-Mux
0.000231
X-SpotX-Timing-Page-Require
0.000382
X-fe
134
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000032
Content-Length
77
X-SpotX-Timing-Page
0.016763
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000341
Last-Modified
Tue, 09 Nov 2021 04:55:56 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.009801
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.nyasatimes.com
X-SpotX-Timing-Page-Misc
0.005128
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=947457006&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2045871520&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=986760194&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
/
adx.adform.net/adx/ 		65 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fwww.nyasatimes.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:56 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
vadtag.html
vpaid.pubmatic.com/ads/video/ 		991 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C2689063147895070768552256464%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3bfd0c3e905ba53870f039a5764f10011366b69cd3e9c2b5249b2213a7f0ce33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:56 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Tue, 09 Nov 2021 04:55:56 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		992 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C11337075022689063147895070768%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d66696a11951b5cd3c52f3f53bb7a8553eb20dcbd69c8b36a76c6944016f56fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:56 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Tue, 09 Nov 2021 04:55:56 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		992 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&schain=1.0%2C1%21vidoomy.com%2C62144%2C1%2C26890631478950707681670983559%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2a30ee5663693b43b5a46c0810c2a99f2bbb0affff9a40d149e29d004f882067

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:56 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Tue, 09 Nov 2021 04:55:56 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=493929132&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.nyasatimes.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62144&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nyasatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://www.nyasatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
t
t.lkqd.net/ Frame 2330 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:56 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:56 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:56 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
t
t.lkqd.net/ Frame 2330 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:56 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 1A95 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
ad.js
ad.lkqd.net/vpaid/ Frame 85CA 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/ad.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
4a85bbd945d370b499409eeca2ac0a1ca75110c514373441b77a8ec397c4d7db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:56 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 22:17:27 GMT
etag
"b701f7cb2e7466f01798a9e3c2203ca5"
x-hw
1636433756.cds125.am5.hn,1636433756.cds003.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
2049
6C716B1A6B5DFD75BCB2CA0856183041_0x0_19.mp4
creative.lkqd.net/430/video/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://creative.lkqd.net/430/video/6C716B1A6B5DFD75BCB2CA0856183041_0x0_19.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
e9ff798ed2c556ac8cb142ab26ac60986ecda39403602245bda4bfe276852366

Request headers

Referer
https://www.nyasatimes.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 09 Nov 2021 04:55:56 GMT
last-modified
Mon, 25 Oct 2021 19:59:16 GMT
access-control-allow-origin
*
etag
"ae19c37f6448997f4debdb9c02987ab3"
x-hw
1636433756.cds154.am5.hn,1636433756.cds018.am5.c
content-type
video/mp4
Content-Range
bytes 0-1099433/1099434
cache-control
public, max-age=1209600
accept-ranges
bytes
Content-Length
1099434
t
t.lkqd.net/ Frame 2330 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:56 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:56 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
framework.css
s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/styles/ Frame 0A64 		7 KB
781 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/styles/framework.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b52e3c4c37ea20ba19251a2d6a41793d3cf0a84a612a0618dbdba55fc555e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 14:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52322
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
755
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 14:26:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 14:23:54 GMT
framework.js
s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/scripts/ Frame 0A64 		565 B
338 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/scripts/framework.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
215f500ae1db630213530e7682c7bc7c64a72a85b8e3e51c9b56a97436d9e05e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 14:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52322
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 14:26:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 14:23:54 GMT
truncated
/ 		477 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
dvtp_src.js
cdn.doubleverify.com/ Frame F511 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=21728770&cmp=DV485761&sid=Verve&plc=Verve-IQM_20210404001_VidJS&adsrv=0&advid=3891363&dvtagver=6.1.src&ppid=302&DVP_PP_IMP_ID=2689063147895070768&DVP_DV_TT=1&DVP_DV_CT=2&tagtype=video&DVP_C1=&DVP_C2=&DVP_PUB=430&DVP_SITE=1151941&DVP_CRT=1062085&DVP_PP_BUNDLE_ID=&DVP_PP_AUCTION_IP=&DVPX_PP_AUCTION_UA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F95.0.4638.54%20Safari%2F537.36&turl=https%3A%2F%2Fwww.nyasatimes.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 18:25:49 GMT
Server
Microsoft-IIS/10.0
ETag
"80f4b239e0d0d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3288
t
t.lkqd.net/ Frame 2330 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:56 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
pixel.jpg
server-204.lkqd.net/ Frame 1A95 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://server-204.lkqd.net/pixel.jpg?adSource=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.205.28.1 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx/1.21.0 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:56 GMT
server
nginx/1.21.0
x-powered-by
Express
strict-transport-security
max-age=2592000; preload
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:56 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
p2
sb.scorecardresearch.com/ Frame 1A95
Redirect Chain
  • https://sb.scorecardresearch.com/p?C1=1&C2=23229166&C3=platform&C5=01&C7=https://www.nyasatimes.com/
  • https://sb.scorecardresearch.com/p2?C1=1&C2=23229166&C3=platform&C5=01&C7=https%3A%2F%2Fwww.nyasatimes.com%2F
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?C1=1&C2=23229166&C3=platform&C5=01&C7=https%3A%2F%2Fwww.nyasatimes.com%2F
Protocol
H2
Server
143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-125.fra50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:56 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
iT-bGx_AR9reafUAVqRph9ruwECN6aqY6BLRq8H2Ml6JOk1eoZHrEQ==

Redirect headers

date
Tue, 09 Nov 2021 04:55:56 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/p2?C1=1&C2=23229166&C3=platform&C5=01&C7=https%3A%2F%2Fwww.nyasatimes.com%2F
content-length
131
x-amz-cf-id
ba1E0ouJ2555ORampzpe_5UwpOH21Zhr9Lp-GuSef7lGJ1b0is1zvQ==
p2
sb.scorecardresearch.com/ Frame 1A95
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1636433756&ns_st_ec=1&ns_st_cn=1&ns_st_ev=...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1636433756&ns_st_ec=1&ns_st_cn=1&ns_st_ev...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1636433756&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=15000&ns_st_pt=0&ns_ts=1636433756
Protocol
H2
Server
143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-125.fra50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:56 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
AfMCGOrK-iSpalkb1CKqyDDMddHVJWhmEJVqv1aXp8BA7tYp0nrWYQ==

Redirect headers

date
Tue, 09 Nov 2021 04:55:56 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/p2?c1=2&c2=23229166&c3=platform&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1636433756&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=15000&ns_st_pt=0&ns_ts=1636433756
content-length
279
x-amz-cf-id
wfpsxnU1tPCx1jh00Waq-adjKPE7leJS_n5hmK5EqxS0gzn_5C-aXg==
bg.jpg
s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/images/ Frame 0A64 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/images/bg.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a37da40dabd3be0226a7f201691d6ddc8c85aac380ae40503e93967cba448c81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 14:23:54 GMT
x-content-type-options
nosniff
age
52322
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29967
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 14:26:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 14:23:54 GMT
content_1.png
s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/images/ Frame 0A64 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/images/content_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6112d5eb4afffc449d90da6aa62c18da1d874c8608b8f6cce8724c1dd7d1f037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:53:26 GMT
x-content-type-options
nosniff
age
43350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2269
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 14:26:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 16:53:26 GMT
content_2.png
s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/images/ Frame 0A64 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/images/content_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04fef9fcaaf58528afc6c99dc04176325d10f353b2594e08184636c316bd7896
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 14:23:54 GMT
x-content-type-options
nosniff
age
52322
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14966
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 14:26:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 14:23:54 GMT
content_3.png
s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/images/ Frame 0A64 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/images/content_3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e31d5a659fdfb2053682630304b9ae1645deacd877ae8211e233d40a733f25bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:53:26 GMT
x-content-type-options
nosniff
age
43350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4044
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 14:26:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 16:53:26 GMT
cta.png
s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/images/ Frame 0A64 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84d236d37eb9739dad295d0b8e4762a2c9d574121163582e42f6ae101a6d30fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/8243461/1635517596078/dis_dbm_2111_ohne-euch-sind-es-nur-moebel_reach_fp_banner_728x90_esszimmer/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 14:23:54 GMT
x-content-type-options
nosniff
age
52322
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3043
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 14:26:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 14:23:54 GMT
dv-measurements1800.js
cdn.doubleverify.com/ Frame B6EB 		495 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1800.js
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:55:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Oct 2021 09:46:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fef5397bad71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91601
visit.js
tps.doubleverify.com/ Frame B6EB 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=50&ttfrms=28&brid=3&brver=95.0.4638.54&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3FJ2D2E%3A%3E6D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3FJ2D2E%3A%3E6D%5D4%40%3ETar23%40FETbpTauTau&srcurlD=0&aUrlD=0&ssl=https:&prplyd=1&dfs=8&ddur=59&uid=1636433756559652&jsCallback=dvCallback_1636433756559524&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=about%3Ablank&fwc=9&fcl=433&flt=0&fec=1547&fcifrms=29&brh=2&sdf=2&dvp_epl=139&noc=4&ctx=21728770&cmp=DV485761&sid=Verve&plc=Verve-IQM_20210404001_VidJS&adsrv=0&advid=3891363&tagtype=video&turl=https%3A%2F%2Fwww.nyasatimes.com%2F&isdvvid=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=302&mib=0&DVP_PP_IMP_ID=2689063147895070768&DVP_DV_TT=1&DVP_DV_CT=2&DVP_PUB=430&DVP_SITE=1151941&DVP_CRT=1062085&DVPX_PP_AUCTION_UA=Mozilla%252F5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F95.0.4638.54%2520Safari%252F537.36&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=136664210642.13075&dvp_tukv=258352493.37926045&dvp_uuid=23497072927.37486&dvp_tuid=60329885743
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
550ae0aec02409dd4ee928a4ec2e3f05245927cf5856da2707dabd37ffc11110

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
11/8/2021 4:55:56 AM
t
t.lkqd.net/ Frame 2330 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:56 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:56 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
t
t.lkqd.net/ Frame 2330 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:56 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:56 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 136C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 08 Nov 2021 19:53:47 GMT
expires
Tue, 08 Nov 2022 19:53:47 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
32530
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3D55 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
628836fc372e7998a50a99e0133e15f2fef48bbd257ffeb10e32c9c5989bb0ac
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Zd8/fOUB32SR5PCxnBcGYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 09 Nov 2021 04:55:57 GMT
date
Tue, 09 Nov 2021 04:55:57 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Zd8/fOUB32SR5PCxnBcGYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 3D55 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211103&jk=1907843007424657&rc=
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
view
googleads4.g.doubleclick.net/pcs/ Frame 3C29 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdK00ea_3OHKQGJQJSSAjhEkNldlt3MU2hD42Ar2Cw7vZmchK0dLlF2HJ-xfXGkZpj-aVCysLT8mzk3briyDScHO8sJbdaFg5twtiOj0TGGGrB9FhbfUP_c51PRGHfLHRXws2e_cggLAW_FzT3eXn0baHqupEGt4p1F7v59z9mbrba62LaLGScRs9lnYP31qssFdAiWqvkQOvIRBOnh01Fc-i3QMl4I_1chi0ioP9Td7CowGk_NBOH9LHHidWNEXHbvQdJytU9OEIObLjGIsVVNKAUVbmU9i1aa2564c55atV6IzwIQu1nLLoKqkQMH_2_w4Tid7KUs9tcsJ1_CenAGsHdqXIgKF8kb6xQAgx-3_LnzcAkJ3PV9pNIVCk3u3iQInFhMEidiklIfTSSs_KftM6FhnoOL50drXb1H58cmykJZ5WSo4lkP3tMW3Ukmn5svOofIObG3aAeG6zgpVsIbSFe-WThDm7R2xkWtgcm7614H2f__aEg6CRqlaDE8m484edNcJ21VP8B0979giMPQF_RR0zxslzB43_WsAzwLHIfi26vRysGHTxjmyT2Zsr2Jvc4RxpU-UgyCMoOKnIPfEt6aP5UWZUnrVxdQkiXRM1BYj6hu63JYE0HTzRhXKWUXIcGdLoI7hZX4xUXu8DgiVC6_rlEgOj2N_aokHaenBi3_aMEXT9vROmV-IivbuKwQppbtkq98b_ViydQfNz5uWyUykvYVgO4D9Yt2JNBzy0XYVtGWDoPah4uQs4plDWHKKSZLUuwAbAsQiMJqGnf_HffbndZd2N7pePBsc8-VsOrLjDrb3DPTIGgGAh4S6NAyKmTE0gE1Fa1iKUU750ovXRIOgm2UMvfOuUY10-Pan3W1Rvp9JoJbt5YUk1liiF2JRmpRWASwfLfgFE8z0K0t5xRWXH5C6sczQH6aYckQF7Vkpdv-GRuj1XCnhLW9sD4P2ej5RN1Tbz3Zpp0IZ19UxQQrUci7-3ahYjpXuVP8JFGaqgASTEBlUvKmw0FfEuicDB6OrFZAZw1cfqgu43I-F3GOOPGPSWqokTbzl238pSsmec1V9L9f5KRXMjOMRwvfkQAnru9_wINvKiM7-AatNmEjxqe6VDSIDaRDL7B-ePsVNSxCAhKpdqw6QzsCX0BuVjEfroQIjE_Enamq2-wMiTByEpY7sbLDjpSQkbtBKCTyqpxswuaB4YN8bJqVeau_Fku7RAtj3GAtL3l6Ym9PmZxyEBzWW4Tnw&sai=AMfl-YQGD77DIF2UZn0udaGgQU7LXL0SxxMEhsE4YrFxDjruvQ4nBI1NkRM64yomgfm9dzf8ahH9iaK-hBHIWJK8ltaN_86LcyvrBeWQCsWbdSnAYIwaztRPy_EV_MzRAFXXBjFqhyp7-89bvmH8wS8P3hjyzgCjw8uuJls-LAw&sig=Cg0ArKJSzGNkkGqPWxXZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=19611&vt=11&dtpt=1413&dett=3&cstd=18194&cisv=r20211103.38681&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.nyasatimes.com
URL: https://www.nyasatimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:55:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame 136C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 20:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
31980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 20:02:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 40B1 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211103&jk=1907843007424657&bg=!cnGlcTXNAAYH3anuB907ACkAdvg8WkPTsU9yOqVd7Za6uZamYdLj2e9gVuAotYBG9QTZId7rwgEF1gIAAABlUgAAAAxoAQeZAvs05UsvEKQc0lNUfJODNcWlgtcGvVxNq-L6cqBmYDZ21EHC_Zqll01b-OqOtcLfegAU_nQHtMnlqCzazY8WaM0YlQ3dXFg_NLPlpsgNNsb57JL1wd0OL8lIJk8uDJEyNTXoMsED6of1t5IRX3pRIOCut-p5mRVtSaejnCa-r6yNDonju2pudLLZ9CsLg_L_sr8XSgmzycR_ruh3GapXV1OmzqaKk0_qpMrWeeTwlUKxOJdjgDcDYeUuUDCRSZ0kkUikTkrlMpHaVHeJFnM9wBSOGCtGuAzYHyieo4T6bS_QmjiFs8W4VilAmxU5c9FIv0NqOK18qJTsCAGAi7hFowQfUMs2HsH2VVqQYuIqzpncJRweFtnJNRy2cGgR_tjdYgQddeBon6v0xQypr6KoC_mZ4gDlec2pfy9g2_NaWKTg2_BqDFGwe3EAuzM6iifiqABHFtZYflzwvzD3u0AwfpDMi9fme4oaHuOXa0XCo7rgaf-bVnMTU7QvxtCfGPEH7991AAiMcL2tDIUCX-UcqGWJWQnAovEbpc00-odLimaReSW0wUzHmZs79E0_ZEPMqbV2ycuzIrk_9bskvbulhOIhFrRykp3Dr4b6SRTXCGkEQ1P2y5jrPX95WxIFe2_dILWe-gd9UJ2Po5n_v7M-VOta5buGHYy-aNRIKtdLalyzoe4iNGKrgE6EAn-2a0JHqH9gqk4L023-zOECl6n0B_hbXUKBATXXZEDXKhPKfsqH3vXrPw7COPXH9zsGye62safkYbw-k-_ZUVGKZGc5AaZlBnZ7aVbV3BYYX7QiubxPRFJWUklAl331dCdV5CZnZFe5MrdWpbM7I24nX2nxB7pV8vgTUEb87SIHiN8K_YZnbf2OXPkdMazdxO8KBPUprCk_UH-X2cl0tZNyKiD4T9hNEZdVGDcHy-_PXAy76_R93PgML6cpSAB-URzKEVt2cOVe9FeHFOUWt2YFTRLB5CmAMJ1A_n_DMQw7xbF7RB3CXsCwNU3yZjydgVJ_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6C8C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6272874513322487&plah=40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:55:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 09 Nov 2021 04:55:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame CE9E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 08 Nov 2021 19:53:47 GMT
expires
Tue, 08 Nov 2022 19:53:47 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
32531
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 61C6 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
389e7dabb1ecb51d97f9025d3f48c719d7526ae0234afd678a49afc5792e27aa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K48s2td5V68YLxfQtucHhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 09 Nov 2021 04:55:58 GMT
date
Tue, 09 Nov 2021 04:55:58 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-K48s2td5V68YLxfQtucHhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame CE9E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 20:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
31981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 20:02:57 GMT
event.png
tps20243.doubleverify.com/ Frame B6EB 		67 B
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20243.doubleverify.com/event.png?impid=7a893906acf64ceeb9138a345d70c32e&gdpr=&gdpr_consent=&dvp_vperr=Failed%20to%20get%20adid&vdur=101&eoid=9&msrjs=1800&pltfrm=Linux%20x86_64&dvp_ac_version=0511&dvp_acibv=&bsigr=34359738497&sdf=2&vit=0&isvelg=0&tltms=59&tetms=9&msltms=20&vltms=101&sei=292&vetms=6&engms=1&engisel=0&ttfurm=2134&cbust=1636433758669736
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:55:58 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.nyasatimes.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
11/8/2021 4:55:58 AM
sodar
pagead2.googlesyndication.com/pagead/ Frame 61C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211103&jk=3587062973168272&rc=
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
t
t.lkqd.net/ Frame 2330 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:55:58 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:55:58 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C8C 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211103&jk=3587062973168272&bg=!kZKlktbNAAYH3anuB907ACkAdvg8WoGrISllxuKRtcfVZztNcOF0dQMNfPMu4-RfAjKLXOb7Z2TxXgIAAABbUgAAAApoAQcKAHV68rhJoa6A9F6esMaJZN-xR4SWXbXEpPZQTb9JZ_kV1jWulA1INnaVOWeiHN5PVETYjyD9R1b0GQyndGMtVBjntp4WIYkseP7RQnrpS0nWsLsKArhQ298pWR9GIO50f1W-M0VpMlfHz3mLLDpgdQGJsEU2KSGZAv2E-CFGfPpJGljz67QTESMDO-A41EiTKjInaPCU7qlqbmef8U-5qCUPP5ND_qfo19VxQobLA0JMUcrZFZzaDuLMPS8gTrr4u026b8FqSS1yjFkHTnQ5x7KSBEJMv9Y6Xr1zwfoXfRAWjIK0I4C5RuFxqKslUzXyQc0H2SaPQqYHbfbztJkxo1RstmVWXmXS5x0OTjxqKuvn2g__f51FLfxy1LeMcwrWHUIcRN66uApdxlNbg3QeEUwlwQCMmxztbk7Dm6uPhscIhjlixIqPGhJiOXa1stcPGMV6xjce1OGq9wKzNdIIRT4N8_bEBECYPlKptdJT2lbkILMVqabrf35XZYwpwq34RqtHbqEns4B_0rKocG8O1A5jugnJrrgvI-uvOw0r6cpjSzsZVz7uGz3lin8QQzvaiS8xHXLP6L0J_8VWVoFbddGtm2CrJ4-lSYtkcz3Q_eSl3MAwmvBVVPhxYyTMWAHEFxBnEuWu4D0zjBZqWM3GuNxuT039_aayEVgB_GBEWDuFaLxo3vPVMJEoQzDEWsqSr5BjcYK3pa2we4e1Q69a3lA9nljbCaTh8mg7k18QHj2zCUJclinoc6v2wJni0xao5bM0qrllHu35HhfEtT3KWoIzyGHv_-bGFpnls79U_jdTRAE2GK5r8BBc6R6Sx3t_ESQJr7b82dfkd0NbTvB1wqpvj_BmCMyYyY5807yZXBdtVRwW-1iV_s7ucsta-MuMrWPf32V32S_N5SX21Ah8TQ2s40AVmFw60ASAM7vShs4QX3CsNtrqwMAkAKAJc5n3gjjBENchoTDKt8AYE69u8cGjWO2_SwYm6koCrTvidlxihtE9dzDSgm_p0Po7PJ6j7Sk-kROgEpAWpDahkPBpEDvSba6aL_-alVmDe7ugify99PG6FXCDPdgq2VHPqTM1SN2-4K2N2r8MDYUCCYqWSrRwLHIe9vLwntIMc5XhnEVeCxi-ceuFkg5QRxZI0HPk-U-BYfOuxNeanRu3HjPCkQd7-Ed2hCA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:55:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
t.lkqd.net/ Frame 2330 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.nyasatimes.com
date
Tue, 09 Nov 2021 04:56:00 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.190 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.nyasatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 09 Nov 2021 04:56:00 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.nyasatimes.com
6.gif
p4-fuszz6cmgm5pa-whplufyift7qeelh-762194-i1-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame FE68 		0
0
6.gif
p4-fuszz6cmgm5pa-whplufyift7qeelh-762194-i2-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame FE68 		35 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p4-fuszz6cmgm5pa-whplufyift7qeelh-762194-i2-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.242 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p4-fuszz6cmgm5pa-whplufyift7qeelh-if-v6exp3-v4.metric.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:56:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
http://www.google.com/cse/query_renderer.js
Domain
www.google.com
URL
http://www.google.com/cse/query_renderer.js
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQLTCjQcv2h1aIL1dvfgDyBXQZRGeARSAFvUSn8SiSvMrtcdJTLILVj7H2wmDEg9eUc0r0Kyqvj0e4vwY2Or9BUt-DfUQ
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxXaE2syTHkDmh9C_h8Y6woxjZcx9PqzUhkZ_I7BYhhzWILBcO5njdHiKSPFePEf7uuLpA2JpAPsxBHQh9vfnzc5NESQ
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRTknhul5rbBcyVG1F6SYAKRtWhvL5OexsA1Cu4vSGfmaNTDPA5lYa8coh29P87w6bTmBnElrxM5YzHF5c4C9xeEy9okA
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSaxh_exz3awl50DLHBfYjnVlYMg6PzOBQTx_RQqNX10Gdp1CMvILuLgSSpDsg9sY2ueUr0WGgyBzuLmRRJHlp0hggqVQ
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3ecc42ef4dd5082f9e07e941e157487f
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAHwWE7DE_8AABP6esANPw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
adservice.google.de
URL
https://adservice.google.de/adsid/integrator.js?domain=www.nyasatimes.com
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ
Domain
p4-fuszz6cmgm5pa-whplufyift7qeelh-762194-i1-v6exp3.ds.metric.gstatic.com
URL
https://p4-fuszz6cmgm5pa-whplufyift7qeelh-762194-i1-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| Eager object| CloudflareApps string| GoogleAnalyticsObject function| ga object| __cfQR object| CleverCore undefined| sentryScript number| CleverCoreRegistryLoaded object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _wpemojiSettings function| admiral object| googletag function| $ function| jQuery object| _taboola string| image_save_msg string| no_menu_msg function| disableCTRL function| disableselect function| disableselect_ie function| reEnable function| disablecmenu object| _mN object| _mNSrv function| setup string| _mN_Idf undefined| _mN_ctr string| _mN_ctrM object| mnjs object| _mNDetails function| _cmL1Require function| _cmL1Define undefined| _mNE object| _mNHandle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map function| eHost string| va string| vb string| vc string| vd string| ve string| vf string| vg string| vh string| vi string| vj string| vk string| vl string| vm string| vn function| callPlayers function| __tcfapi_8928924878912 object| lkqdSettings object| vpaidLoader string| google_user_agent_client_hint object| bootstrap object| twemoji object| wp function| Popper object| lazySizesConfig object| lazySizes object| WebFont object| mailoptin_globals object| emailL10n object| pollsL10n object| pp_ajax_form object| megamenu function| AdBlockEnabled boolean| __cfRLUnblockHandlers object| TRC object| _tblConsole undefined| msg object| wpp_params object| WordPressPopularPosts number| email_p number| email_pageid string| email_yourname string| email_youremail string| email_yourremarks string| email_friendname string| email_friendemail string| email_friendnames string| email_friendemails string| email_imageverify function| validate_email_form function| isEmpty function| is_valid_name function| is_valid_email function| is_valid_remarks function| email_popup function| email_form function| poll_vote function| poll_process function| poll_result function| poll_booth function| poll_process_success function| flatpickr function| Sly function| moFormRecaptchaLoadCallback function| ppFormRecaptchaLoadCallback object| FB function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id string| prop object| googleToken object| googleIMState function| processGoogleToken object| placementData function| 4dm1r11545242527 object| _tfa object| lkqd object| mobile_blocked_mfs function| lkqd_http_response object| __gcse object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| google_image_requests function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| google_llp number| google_lpabyc

131 Cookies

Domain/Path Name / Value
.media.net/ Name: gdpr_status
Value: 1
.clevernt.com/ Name: hstpv4user
Value: eyJJRCI6IjI0NjE3OTA0d2FuNjE4OWZmNDVlNjI1MSIsIkNUUiI6IkRFIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMzExNzc4Mzk3MyIsIkxhc3RVcGRhdGUiOjE2MzY0MzM3MzN9
www.nyasatimes.com/ Name: clever-last-tracker-34090
Value: 1
www.nyasatimes.com/ Name: clever-counter-34090
Value: 0-1
.nyasatimes.com/ Name: _ga
Value: GA1.2.1514767491.1636433735
.nyasatimes.com/ Name: _gid
Value: GA1.2.645207223.1636433735
.nyasatimes.com/ Name: _gat
Value: 1
ads.stickyadstv.com/ Name: UID
Value: e3e990807828c98881acba30c141d56
ads.stickyadstv.com/ Name: sessionId
Value: f0e2551428de721e940ef73a21641e7
.bidswitch.net/ Name: tuuid
Value: db823f7b-313a-4551-a5a4-d28b8d688688
.bidswitch.net/ Name: c
Value: 1636433735
.bidswitch.net/ Name: tuuid_lu
Value: 1636433735
www.nyasatimes.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Db9ea6933-2c9e-4db0-b8a1-d6409e449de9-tuct88384c7
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_f31f1a10-01cc-42ca-acc1-2e503e6d082f
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6ImRiODIzZjdiLTMxM2EtNDU1MS1hNWE0LWQyOGI4ZDY4ODY4OCIsImV4cGlyZXMiOjE2MzkwMjU3MzZ9LCJDRU4iOnsidWlkIjoibm8tY29uc2VudCIsImV4cGlyZXMiOjE2MzkwMjU3MzV9fX0=
.turn.com/ Name: uid
Value: 2910766924132551182
.spotxchange.com/ Name: audience
Value: 474c627a-4119-11ec-b496-13b80d860006
ads.stickyadstv.com/ Name: pxId
Value: 7169
.nyasatimes.com/ Name: __gads
Value: ID=794056464356ba8c-22ee49fb40cb0076:T=1636433736:S=ALNI_MZxGv2IOQA2RS0JcD_TPrlKHt_CvA
.doubleclick.net/ Name: IDE
Value: AHWqTUlIUUCyiXP-owIuntBCHQQaikakwgQQyG5CTvPTrcFMPx3BlY9kGvyJK1C21w0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: AAFDB41B-E8AC-4A9F-A422-22410BCE2BD1
.adnxs.com/ Name: uuid2
Value: 6956644907051674345
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: 5B494D62A10C4AC6B237AE512971C575
.adform.net/ Name: uid
Value: 64795979698098495
.mathtag.com/ Name: uuid
Value: f2636189-ff49-4300-a8a8-3c29f45d21f7
.quantserve.com/ Name: mc
Value: 6189ff49-4b76e-6ab58-4d12e
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6956644907051674345
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-lC0ZNcR6FTWPKEM7lHkMOsN-FDSPKEU9kHnftxCo&KRTB&22979-lC0ZNcR6FTWPKEM7lHkMOsN-FDSPKEU9kHnftxCo
.de17a.com/ Name: guid2
Value: 1.5649455818980043838
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-64795979698098495&KRTB&23263-64795979698098495
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:f2636189-ff49-4300-a8a8-3c29f45d21f7&KRTB&16736-uid:f2636189-ff49-4300-a8a8-3c29f45d21f7&KRTB&23019-uid:f2636189-ff49-4300-a8a8-3c29f45d21f7&KRTB&23114-uid:f2636189-ff49-4300-a8a8-3c29f45d21f7
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5649455818980043838
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELU8enLxENvw5QujXWiAYE4&KRTB&16514-CAESELU8enLxENvw5QujXWiAYE4&KRTB&23025-CAESELU8enLxENvw5QujXWiAYE4
.adsrvr.org/ Name: TDID
Value: d698b73d-77bd-436e-abfb-366d9d32e243
.onaudience.com/ Name: cookie
Value: 7f83e22e8eaaec69
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-d698b73d-77bd-436e-abfb-366d9d32e243&KRTB&22918-d698b73d-77bd-436e-abfb-366d9d32e243&KRTB&23031-d698b73d-77bd-436e-abfb-366d9d32e243
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 3ecc42ef4dd5082f9e07e941e157487f
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQME5NTjYxSk0zSUkxNbAwSrNMNTBPtTQxTDU0NTexME9jAILEzv%2BeIBoKAGSECyY%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI7PzvCaSgAAAbbAIz"
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.casalemedia.com/ Name: CMID
Value: YYn-SUCgsvsSfCCgq.TDfQAA
.casalemedia.com/ Name: CMPS
Value: 3270
.casalemedia.com/ Name: CMPRO
Value: 1139
.openx.net/ Name: i
Value: f33266f8-d5bb-43b0-bcf3-e64abcaea677|1636433737
.casalemedia.com/ Name: CMRUM3
Value: 2d6189ff492760CAESEBRQ_HcAipZ3skpVH4jRWEo
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C'!s.ime!]tbPl1M>e)ZlrFUfJ+tGXxpO_$9:BT^pZT<[qR->S2*_X@]X-c?1oCgFvpj*bpRz*qF1`*b_Bi*!qua
.pubmatic.com/ Name: DPSync3
Value: 1637625600%3A221_226_227_235_201_197_219%7C1636502400%3A174
.adfarm1.adition.com/ Name: UserID1
Value: 7028429386789025937
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2910766924132551182
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.zeotap.com/ Name: zc
Value: 5a869625-485c-4b47-5c41-db263d388459
.rqtrk.eu/ Name: browser_id
Value: 1:edf5e2ad-3fb6-426f-8f75-7b0c71efacd0
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7028429386789025937
.fiftyt.com/ Name: fifid
Value: 923424f8-37c1-40d8-7721-14ce8acd94da
.fiftyt.com/ Name: cs
Value: MTYzNjQzMzczOHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fLFJzlb0f2eM1JZ1gnuUD-PvOIjEe_3IGjzcI_KaqMCA
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~21fg
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-db823f7b-313a-4551-a5a4-d28b8d688688
.fiftyt.com/ Name: fppm
Value: 20211109045538
.pubmatic.com/ Name: SPugT
Value: 1636433737
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YYn-SgADLMrjmAAz
.bidr.io/ Name: bito
Value: AAHwWE7DE_8AABP6esANPw
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YYn-SgADLMrjmAAz&KRTB&22978-YYn-SgADLMrjmAAz&KRTB&23194-YYn-SgADLMrjmAAz&KRTB&23209-YYn-SgADLMrjmAAz
.semasio.net/ Name: SEUNCY
Value: B8A08603E37B402
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: fdae6d12477815d9
.awin1.com/ Name: awpv11524
Value: 296283|1636433739|48a3e090-4119-11ec-8d3b-22325fa92e16
trf.greatviews.de/ Name: ads_si
Value: a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%2248ab18ba-4119-11ec-82f1-00155d255900%22%3Bs%3A3%3A%22sit%22%3Bi%3A1636520139%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/ Name: cjcookie
Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj48ab3426-4119-11ec-82f1-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1699505739%3B%7D
trf.greatviews.de/ Name: mcookie
Value: a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%2248ab1860-4119-11ec-82f1-00155d255900%22%3Bs%3A11%3A%22click_12771%22%3Bs%3A57%3A%221636433739%25%255503284%25%2548ab17ac-4119-11ec-82f1-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1651985739%3B%7D
trf.greatviews.de/ Name: ads_pu
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A1637038539%3B%7D
trf.greatviews.de/ Name: ads_ps
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
.audrte.com/ Name: arcki2
Value: 409LFHCQALvTMK37tbAjgE-dw!20210804!1636433739105
.singles.parship.de/ Name: __cf_bm
Value: 2_GsB0N2uKtnC3gpfoBnBXB9DMFMZyxLfvCbar9ur3o-1636433739-0-AQ8skmqr7oksJRCK6Ht+Dzk4D8r0TlmqGUh1Pn8T2I2IiY1vCIyktT1dBKoRGQ79ftJRFZRCvYtxnCkoFGziyq0=
pb.media01.eu/ Name: ASP.NET_SessionId
Value: d05etmslzec4n2kk4ndqdyh5
pb.media01.eu/ Name: DTU
Value: 328A19715EF3683D409ED549C96F9C27
.parship.de/ Name: NVI_LC2
Value: 01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID_TS%3A1636433739
.parship.de/ Name: NVI_FC
Value: 01_100_60078_1026_0001_0001_empty_AF00ID_GV1636433739.5503284.48ab17ac-4119-11ec-82f1-00155d255900ID_TS%3A1636433739
.taboola.com/ Name: t_gid
Value: 84e54cc0-0f5b-40ac-a93b-e207a6b04de3-tuct88384cb
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjwqpHE5tGROhAFGAEgASgCMgsIxtfog_3RkToQBTgBWgthZGNvbmR1Y3RvcmAC
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7acde18c-f6c6-4d6a-bf33-3329d6889aec-003%22%7D
ads.playground.xyz/ Name: connect.sid
Value: s%3AgnbByMMV4UdH2wDY6D-w-7v0PjCT83tJ.JovTvveJl4T7Bg6vdpXuidA9RrTFZrB8T7vEFUf93nA
.iprom.net/ Name: UID
Value: 10141410113735
.pubmatic.com/ Name: KRTBCOOKIE_1277
Value: 23327-uid:10141410113735
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7acde18c-f6c6-4d6a-bf33-3329d6889aec-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-7acde18c-f6c6-4d6a-bf33-3329d6889aec-003
.doubleclick.net/ Name: DSID
Value: NO_DATA
.tribalfusion.com/ Name: ANON_ID
Value: agnseFSkTsfAutomjtpjCPL5jcOQRxcFg9tTZaZdgSgZaDWU8VrQZcKDS6qILybKPBvDNZatQQqM5MdQ5B8AZaIDgV
.pubmatic.com/ Name: SyncRTB3
Value: 1637712000%3A35%7C1641600000%3A69%7C1637625600%3A222_55_104_204_3_189_165_8_88_22_230_161_99_238_166_21_13_54_233_81_71_231_5_234_176_56_57_220_7%7C1637280000%3A63%7C1639008000%3A203%7C1637020800%3A2_15_223
.w55c.net/ Name: wfivefivec
Value: 4C5nLrAO1MKjaA5
.w55c.net/ Name: matchpubmatic
Value: 5
.erne.co/ Name: u
Value: XzC0w1dATbi0qnhrI2GqXyVn
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:4C5nLrAO1MKjaA5
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-XzC0w1dATbi0qnhrI2GqXyVn
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0549a663-381b-4df6-436e-65e2cac7e20a.m44YT1SqOn00vCO0yPl%2B64t%2FPBp3WcnNWVDTCJ5lDtw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-0549a663-381b-4df6-436e-65e2cac7e20a%24ip%24185.213.155.165.qaZjPAqAepmiuxKV%2Bh5st6wP5wvvj3vJvmQVEh%2BS9DU
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-BUmmYzgbTfZDbmXiysfiCrnVm6U
.ipredictive.com/ Name: cu
Value: 49ea1cb4-4119-11ec-9dfb-3f0efd89842f|1636433741171
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-49ea1cb4-4119-11ec-9dfb-3f0efd89842f&KRTB&23011-49ea1cb4-4119-11ec-9dfb-3f0efd89842f
.pubmatic.com/ Name: PugT
Value: 1636433741
.nyasatimes.com/ Name: _awl
Value: 2.1636433741.0.4-d04b0458-12b0a1b36aebf2b88d66c25ceed626f0-6763652d6575726f70652d7765737431-6189ff48-0
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1636455342842
.quantserve.com/ Name: d
Value: EKsBDgHXJIEO-TA
.casalemedia.com/ Name: CMST
Value: YYn-SWGJ-1MA
.rlcdn.com/ Name: pxrc
Value: CNP+p4wGEgUI6AcQABIGCOndKhAA
.innovid.com/ Name: uuid
Value: e5c1687f-8026-4fef-ae40-a70402e2ce6d-20211108 23:55:47
.yahoo.com/ Name: A3
Value: d=AQABBEr_iWECEPIMFYFbpDisAmFCpjrPTQIFEgEBAQFQi2GTYQAAAAAA_eMAAA&S=AQAAAqHfn06IU1dfrurO8r2tcCw
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2021110904555200018442616921
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 6189ff580fcf240f
.addthis.com/ Name: ouid
Value: 6189ff5800013c30cce4f7d7f0c980e47901a0d2424f7f416873
.dlx.addthis.com/ Name: na_sr
Value: 20211109
.dlx.addthis.com/ Name: na_srp
Value: 3614
.adnxs.com/ Name: icu
Value: ChgI1dN1EAoYCCAIKAgw2P6njAY4CEAISAgQ2P6njAYYBw..
.agkn.com/ Name: ab
Value: 0001%3A2YOwG79xIXKtvxvHn6%2FPLiHclYSn49br
.agkn.com/ Name: u
Value: C|0CEApHLvYKRy72AAAAAAAAQ13AQCAAQpAAAAAAA
.medialead.de/ Name: trscj
Value: MTYzNjQzMzc1M3xMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRNek5UQTJOREF3TURFME5UWXdNakF3TnpFd05qRXlNREV4Tnpjek1ERTVKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2
.awin1.com/ Name: awpv14098
Value: 296283|1636433753|5188a420-4119-11ec-a957-2261a0e7f687
.awin1.com/ Name: awpv18332
Value: 296283|1636433753|518b1520-4119-11ec-beb1-223071fe7256
.awin1.com/ Name: AWSESS
Value: 376776:2601051
.rlcdn.com/ Name: rlas3
Value: TUZzB/8A0S1JMX2ltwD/diNLuy3wBR+3ov55VdqGmIc=
.openx.net/ Name: pd
Value: v2|1636433751.3|gu.vN
.dlx.addthis.com/ Name: na_rn
Value: 2
.dlx.addthis.com/ Name: na_sc_e
Value: 2
.scorecardresearch.com/ Name: UID
Value: 1WFPSXNU1TPCX1JH00WAQAg1636433756

11 Console Messages

Source Level URL
Text
security error URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
Mixed Content: The page at 'https://www.nyasatimes.com/' was loaded over HTTPS, but requested an insecure script 'http://www.google.com/cse/query_renderer.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.nyasatimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
Mixed Content: The page at 'https://www.nyasatimes.com/' was loaded over HTTPS, but requested an insecure script 'http://www.google.com/cse/query_renderer.js'. This request has been blocked; the content must be served over HTTPS.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://22bet.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other warning URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://www.nyasatimes.com/
Message:
The resource https://www.nyasatimes.com/wp-content/plugins/social-pug/assets/dist/style-frontend-pro.1.19.1.css?ver=1.19.1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://v.lkqd.net/ad?pid=430&sid=1151941&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.nyasatimes.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62144%2C1%2C&c5=&c6=62144&rnd=81169085&m=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_push=AYg5qPL_ZsP67ecl-o9s9yMB46nGFKQL-1fu2nHdCpWD8ySSw9uTaPkqbT99ltiC5KARcAdH9uKeYP6v8KWK8Ljxngn8dw0tLOA&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYn_SUCgsvsSfCCgq-TDfQAABHMAAAIB&google_cver=1&google_gid=CAESEFYa9KjnHEidbuFn8KIVKR4&google_push=AYg5qPIltg-H-rBGexldh1XgwYFOHZ4JFzzbxlg0wClPC83H_kjvhFM82mM0zh0pY30TcOwPe5hnR4B4t8mV0nkX5n5Hk4VMiwIZ
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-6272874513322487&fa=1&ifi=24&uci=a!o&btvi=1
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

22bet.com
3e58xg3iuaa84csjh2769ipd-wpengine.netdna-ssl.com
40c08bcac5bf885dbd447c370f4f6d6d.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
a.audrte.com
a.tribalfusion.com
a.vidoomy.com
acdn.adnxs.com
ad-server.eu
ad.lkqd.net
ad.turn.com
ad4m.at
ads.adaptv.advertising.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.adform.net
ag.innovid.com
ajax.googleapis.com
aktrack.pubmatic.com
analytics.webgains.io
api.webgains.io
aud.pubmatic.com
bh.contextweb.com
c1.adform.net
cdn.ampproject.org
cdn.doubleverify.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
core.iprom.net
creative.lkqd.net
cs.lkqd.net
cse.google.com
csync.loopme.me
d.agkn.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
eum-eu-west-1.instana.io
eum.instana.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
green.erne.co
hal9000.redintelligence.net
hal900019.redintelligence.net
hal900022.redintelligence.net
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.taboola.com
links22.com
lp.cleverwebserver.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.taboola.com
maxcdn.bootstrapcdn.com
medialead.de
mwzeom.zeotap.com
nyasatimes.com
odr.mookie1.com
p4-fuszz6cmgm5pa-whplufyift7qeelh-762194-i1-v6exp3.ds.metric.gstatic.com
p4-fuszz6cmgm5pa-whplufyift7qeelh-762194-i2-v6exp3.v4.metric.gstatic.com
p4-fuszz6cmgm5pa-whplufyift7qeelh-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pips.taboola.com
pixel-sync.sitescout.com
pixel.everesttech.net
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
pv.medialead.de
refpasrasw.world
rtb.gumgum.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
scripts.cleverwebserver.com
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
sender.clevernt.com
server-204.lkqd.net
simage2.pubmatic.com
singles.parship.de
sonata-notifications.taptapnetworks.com
static.adsafeprotected.com
static.cloudflareinsights.com
steadfastsystem.com
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.lkqd.net
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20243.doubleverify.com
track.webgains.com
trc.taboola.com
trf.greatviews.de
ui.cleverwebserver.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
v.lkqd.net
vid-io-cle.springserve.com
vid.pubmatic.com
visitor.fiftyt.com
vpaid.pubmatic.com
vpaid.springserve.com
ws.rqtrk.eu
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.nyasatimes.com
x.bidswitch.net
adservice.google.de
bh.contextweb.com
cm.g.doubleclick.net
match.adsby.bidtheatre.com
p4-fuszz6cmgm5pa-whplufyift7qeelh-762194-i1-v6exp3.ds.metric.gstatic.com
pixel.onaudience.com
t.lkqd.net
www.google.com
104.111.215.191
104.111.239.217
104.111.242.245
108.128.44.193
138.201.135.164
141.226.224.32
142.250.181.226
142.250.184.227
142.250.184.242
142.250.185.195
142.250.185.97
142.250.186.102
142.250.186.130
142.250.186.142
142.250.186.161
142.250.186.65
142.250.186.98
142.250.74.194
143.204.98.125
143.204.98.5
144.76.104.53
145.239.193.130
146.20.128.151
146.20.128.190
146.20.132.196
148.69.64.76
151.101.193.108
151.101.193.44
151.101.194.49
151.139.128.11
159.122.14.34
162.55.6.212
169.197.150.7
172.217.16.130
178.250.0.163
178.253.54.48
18.156.0.31
18.158.22.228
18.196.159.27
185.29.134.248
185.33.220.243
185.33.221.53
185.64.189.110
185.64.189.111
185.64.189.229
185.64.190.78
185.64.190.80
185.94.180.123
185.94.180.126
195.5.165.20
198.47.127.20
2.18.233.180
2.18.234.21
2.18.234.233
2.18.235.93
2001:678:cb4:bbbb::11
213.155.156.166
213.19.147.45
213.254.244.20
217.182.200.29
2600:9000:2156:7800:8:48e:53c0:93a1
2600:9000:2156:7a00:15:6f6c:b180:93a1
2606:4700:10::6816:1857
2606:4700:10::6816:4d5b
2606:4700:20::ac43:4681
2606:4700:20::ac43:4a81
2606:4700:3031::ac43:d645
2606:4700::6810:135e
2606:4700::6810:5f41
2606:4700::6810:9df3
2606:4700::6812:bcf
2606:4700::6812:d05
2606:4700::6813:ba79
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:80:800::7001
2a00:1450:4001:801::2006
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200e
2a02:26f0:6c00:286::4469
2a02:fa8:8806:12::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::300
2a05:d018:d29:3602:583a:9407:39a3:79c8
2a05:d01c:1d8:8100:f976:bfd0:751d:6023
3.120.169.248
3.127.92.82
3.129.250.65
3.139.192.142
3.70.38.61
34.192.120.237
34.98.107.212
34.98.67.61
35.156.156.223
35.186.253.211
35.190.90.202
35.201.96.126
35.244.159.8
35.244.174.68
35.71.131.137
37.157.2.237
38.27.122.158
45.135.122.42
46.236.13.147
51.75.146.160
52.202.13.238
52.208.210.171
52.215.101.139
54.175.198.118
54.76.176.197
63.32.201.39
66.155.71.25
69.173.144.139
69.173.144.165
72.251.245.179
74.205.28.1
77.243.60.138
78.46.90.238
83.147.204.132
85.114.159.118
85.239.105.10
87.98.242.60
88.198.250.30
94.23.99.218
94.31.29.96
01f62119d738e56887c7298650396be3edc28f9bd4b64af4c496048183172630
024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40
027239683299b958917a3fc724a39775affa54709b897edae6b0ba4b1a9428f0
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
04fef9fcaaf58528afc6c99dc04176325d10f353b2594e08184636c316bd7896
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
07975904915c3b0c84a5c7accac1f5613fa6f047781872c0ce1ac068212c6324
08406d1c32022b50005b99660d841d8a5b5cdc835de1e91cc05524ae7c362158
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0caaba09f3ab99cc64db125b3fcb1b1cadf232b1d9ca47fbf0f40c6681dc6a6b
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492
11926ef0ee1fb16028ad4290035a7c1ededeb5de6c81f4303f00200afd0a459a
11ee782d8f2847e83d0aaf7489c0305c67076a0b10b26b7715e8cd36bddf4ee8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14d0ad63d02d3bd3fea8c8c317e4ee3387f7849aff8c8b9a4b9628cf11e9e53b
172d1c6efeb1b1a92c0dbb2f09f3f36d6a71295c62c6f644fa383eb0c9add23d
184290078a24baa7e14ebe5b363ef81ee19438641c12f17128f3c8cc6a691c15
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18b3bd5064e97764c244353b1dd81639218ecf33c3d04312518b6969d6618144
18d214ae6b0494252c90f14f9823fc13effe5464e02bb1ef33474147ede9c70c
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1bd00b2681ba5cf15016290fb3c65a7d1868a7b890a4c544847ee207999d5e80
1c0790065c5ca7fbbd2f08bb508e0f79bee3d0ce2e74a1d2213a1a18ab50d339
1d4bf3a31fe934300b0714df8b06ae0571ebcf116eac943f718bd347cf114ea4
1da9e15814a2704f91c84e357989a65e797ae245b8added64673b88c27638add
1e7cd2bde1c04e5a5db40673bdeb4c711a140792878ba1f1c967783f04793ba7
215f500ae1db630213530e7682c7bc7c64a72a85b8e3e51c9b56a97436d9e05e
21c0ae20fc96494f08d1077e4459826f8dc837e64d700140f801530fbdb9b3b9
241155907faff3ddf6df02126069a4fc7f05f77454acef7e1cbd49d8395ea556
2830fa9807b2f57b27b92525e11d4d5e25aa07fb5056453bfa69717ce84c94a1
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2967b69b0c5f3bf0717742cb2d1c420c7fec6b1dba9081ca4787a8103fa04f94
2a30ee5663693b43b5a46c0810c2a99f2bbb0affff9a40d149e29d004f882067
2a6184b6a38bda06bcfec605b4585b4129838276a06670aa0294d188541f68c4
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c60b0d0f8276d4bc045cd7242d126a03d27a57ac4026c95448949c1fa61bcdb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
309fcbd049e701f4b1759286ec9d58f6bf0f3ce913623f3a57518219e964e63e
314b1f34c440e490a4b19a2ae99a0a4a9d27fc4406f1be3544a067e8a37840f1
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33b9cfaf63abe61231d2d8583a7e386351c573af15338dfc422c3065d38bc8b6
340e679e8d5c6044e58c372406f4ac3be7cd3479c0adf7b0ac7586db37e0ebda
34141e57b1afc6233de17f6fc96ef59921c1c2b4b4a22abb5b2abb8471903078
346e4da8750273e0fb681009166c52e197d2b79bc26f72cdd86dd64d3980c2bf
35643c3796f1608e5a24b85cba988d72ce4c74e9fa64db6b90bec3353f1cfd69
35c90cc37f55a66b2e533dac9185aefaf626af03b058ed68f9d8db36db10ed82
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c
389e7dabb1ecb51d97f9025d3f48c719d7526ae0234afd678a49afc5792e27aa
38e656377a45f557236ec4ad663f83221afdb207487805e384b52694973ac9d8
3ab859f6883b80f0d98aa4c62bf0cb98c696efe3a3858fdb92c0bda3db2c57f5
3b1186c5d0eb667f54a8a52c0c4083cd1191fae972356a4b74af7302f88d6227
3bfd0c3e905ba53870f039a5764f10011366b69cd3e9c2b5249b2213a7f0ce33
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733
3c8a3709888f956cc29b6f9ea66500d9ee6bbca1085a6411e54864271d757042
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
400d415e25e3c2b6d990376f5b1b73e91a4ada0f82098f11b71b644773528907
40e0abb4ea1c6939f435018be2ed0eb094e125d72897af16e089acf3602f8f88
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
436a0bfb30895463fa4ee57941ecee6ca3738f93f0dcd735f0ee1fc912f3d4ef
4492dbb85aac3d9fa10fab609cb334d52fa62ee89fc1d252109ad580e565c5a8
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
4695dd13af6c56cad7ea6cec23fc24f86935ddadb048108bfaf468abfdeedd9d
47266e1987dae930dd3396fba6ed7cadd69b708cd8eee635d4bc291c9bb58679
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48605412d3fb49e8c7e9b30905facc795c8ac91ae8911025d20c407a8ab1c4a0
486f645df3c6d9049478f9fdbf363f21e63e2bb9b43669ea63c019fe4d75b4c8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a85bbd945d370b499409eeca2ac0a1ca75110c514373441b77a8ec397c4d7db
4a8d4f63025198366db263f67c81ef5c294be5c2b7448ddfef7aaf7f512ec98d
4a9b502470b6793cbf3c545a1a68d76828bfc03ce252c727ac6b5b167b79d22d
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc5807c442efc249fdd0a03b31bf38062101c18c15997167cdeccf276c0da84
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
4cb35cbd51b850ff4f6466dc26a3a2d8b5c32638e0e41beeb66ef407edf47fd7
4cb7722de1dbe3e35aa5fd3f5e32ec08eb624b946a9188bde0fdda969f24002c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d714d19b1d25c8b52ee9c9a28ef664bee70840ae7fdf529c99991639048045a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5068c5121ca30ccd6317e24406c8390b8bd008338fd30f93106e0abd46f1a944
52895bdcfd2f2089508c6e5fd4cb4ceafd797d67c4cb183e93764c1476b1a483
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017
53ae14fc5dcb8260cf6b52e08f41218f774301005574bf7526bb7d09d2441776
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5499db61e4f6f271d822a1a8d5c85e5545fd47ecb2e4b143c36203b39275a5d5
54c576210d6bf2015a3956e456d0c1a3a79fa31d658a79fffd73dcf418e3c077
550ae0aec02409dd4ee928a4ec2e3f05245927cf5856da2707dabd37ffc11110
56a891645535c936ef835703d0683570f99c8fb1a33adf440b72a117656f929f
5755144f0dce959dc794da1dfdc2acaebcf06d9b48532cb75dc972c33600f26d
57e8451654a9e4668a66491c8fed9b2df1c65c8441fb45de7017a40f38c9ef53
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
59b3f6cd77bbd2411b6d0eff2c593dbee8ea40152bdf25d8c745ee6e3d828d27
59ca76951ded049f3b6f7b6cd5b91f99d1294ad46af9b465b5d401c072fa1562
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5
5e2065c627e8fd3c379338adc7c7786f5921c0ea1e4e0119d31baff60ddff3fe
5e6b349b7db53d0428848d070b899d5d77af153abb8217d24d6e1966d5557d0b
5e6eccb66445643438a1cc22004f474446c8001bfd3ab2ac604b75d118d744df
5ed4c20498ac853bf62cc34c3eb6c9ef0ad4235375846a158ba66a23f90f7c9c
5f0e66691f615622835fa31b03f6a5bcb578c4725d7b8ecf9c1b2b2bef329ffc
6112d5eb4afffc449d90da6aa62c18da1d874c8608b8f6cce8724c1dd7d1f037
62070f46392f3179495c0878266b57a419ff3a1e9c58f4a140c78ad9501dec51
628836fc372e7998a50a99e0133e15f2fef48bbd257ffeb10e32c9c5989bb0ac
6462f59072e92f77915cfb30aebb3c3e1813ce7e502476d9b567900fb65e968b
650f0d2335d42d32ea27c7ab432d665bea3e73f3461ee6ea58096237cd97d11c
65a99de98c3b21af6d7f91b28b9f72d8a6f002bd894e4ac44b8017a10e6e4d93
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
661ff67f331d063bd112283b929493a35e3e617468bfcc0a0b9d49e4756c353b
66f418a10ab0a13e15f4f1cab0fdcef351b489557938d218b7ae258a5b8f54ce
68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6a111b8ffceaa622f173dc7133289c6c92bbb51def7bb5aec5dbc81616deb1de
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6ef8f450e55451de3da1e6ec1d6a883e42112841adcdedbb2d6da5d926b67c8b
73cb5c19a798c855997b0a6e9f336eee9ed6436b4cb180c1f8db839079f5c815
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805
7b52e3c4c37ea20ba19251a2d6a41793d3cf0a84a612a0618dbdba55fc555e9e
7c5568b0b56499e58e2beebe55f286c9e5ddd22b9f3e9cb5a3cd7ed79ffa8138
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7efcab275e51aa6e9cc922e21ee3b718623130d872ba4a8275737752def952e4
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ffe586addccf18e03d73707710f8447910a27fedef92caa3c624cbfbdc05202
808d2a3ff1668e29cc40f1b2c047b9d33752ec4e95c03ff1f4fb483877019d31
80d93d1c7646923d44963a0418715b693c6b7e0f9c71f851e7556f15095f6c95
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81b4b620739e7a15c3ef161b6a9d7025e65415add7b7e05cf29e2bd7a9691ea7
81fe6ecafb7561bb6d3c764522fe2ce0273f1a2f9ffaa90e5bf5c832b1a1cebb
82b43e02283b76764dedb64db39f51a20c8432659eb367835ecd16e7fcc8a1ed
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d236d37eb9739dad295d0b8e4762a2c9d574121163582e42f6ae101a6d30fe
87a14face76ffb6903e0a1783236a8492347748e7a122dc16e375bed078a8ac4
87c5f2e18cbbef40eeba16c0e6a15aaa697faabff8dbb9e7e8e2f0499fcc7fbd
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88b91cc699d3f46b6b354cdb6a2c4f35b73ed27b2d935354d7f3efb93a9ef987
88e03f37d35232ca4b0f97e30ff63132372cc2235dbb60bc1141fa97a112c64d
8934ab02c09dd3393787c8ebd631f1a57367e3406dd174afb7e83dbfc7aee662
8b532cfa4638bb3fae52654079210c96bc6cb02a446d86704635e8549c4211cf
8f74be2d5bc8fec5bce07f8532723baaaaf957677894aa39eabd3238019cae68
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
92d168e4d70f1f23515b66007b28a6c63ff88baf3c57acea6c7867def3b3565f
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
934f312b17cb31382e8b4579ba27ae58936e6521abfa1b68779f145adb68b586
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93cf91407923a2c77bdf11879b36b1c7507ae277f5538fd727b4114b15948c70
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
958245880c3e5c2a4b1267e2fca012beb3a31bdb3a27d0f0e319d051312da7ea
958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0
963cab849b7c9ee9c161e4d6e74340069884f362d7cdacae5cdec3d4f6b8a122
96aa2acbfb9ec3b71048be25528935f8d9508d8498e67e545ff0e7690d2313ae
96f11db0e8e9a6853db4be032b404295ede3b41430a3c291ad48086960880f5a
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
996741ec4a987b31627a2015017ffe1b02146067d03e0578e48975d3aea1f196
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e2e8b21291e43020488ce60525106da68a40a2983a768cee99f40651b9f81bc
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1
9eff6646bd5b958b49a066b9670a4a1c63e704294c5d0981ae7fb408387ded38
9f172dd6356e55de434501a92869aa7fcef9628e7de6bb20adb931e1787ace3e
9f1b709da2be9a270c5d027fa0dc80ca552cea41f4f0308aad85c9158dd46fda
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a
9f789f4e4c5ac64ca2066bee1563d7689159da96483df1206b61e2bfdeb5c085
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a098436a5df97c9e10e0870b603556e804b32b071c16c335b7689471c338df0e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2ffd1d025cd9ebe848e26777f7f72a90c636fbc775b34efa8e7021493a05acb
a324dc96faa573de36a262d7928faac4a6ae30ff784a958d356af5d4d064d262
a37da40dabd3be0226a7f201691d6ddc8c85aac380ae40503e93967cba448c81
a49bb4e090ec41a6c49f8a62f97d9793bbeb179536e61a01c9a33b3132d159dd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a551f5b31132be14d4c38234239a6d1efde22844860665cb93fdc96aab90a081
a5bbeaa469787c9f0bd267485542f77b2177afd4167475b96c18c71c9aff59f8
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6cbceea7eda0e507f3a2c7633c052eb79d59890a93ad1bc6f3b9a0638e57ae0
a6e541472551caa8d2c620d2438679f08bef67374293fda859177346886f988f
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
a7e5500431c24168010ba54cbe85905df1e2e63b47f431f944e69675ea2b8d3c
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
a99f6b2462822621ce4a1f66108316ac9cb8f6fff3a6c9e1fefea2065d72fa7d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa1f30dfc95db43d4b547a851004ce7f16dfe22290c1f0aab7b40bc4be0a1e67
aaf0feabc8ee4333a21f396ddb102bd77de04e83504d24120c0edc7bba4de188
ab2393b8736c6628c492115497ffce0397645a473a6de15e541ea23946ed45aa
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
ada75a176eacbb4f522b140e678f32b609036bedb8aa53f492ac888a2a96f565
adcac19da1b816e1e7936fcc0dac230a7e080da98b3d84d1bd91d3a29ba96ebb
ae052538c77b3ad803c527650dc40dcfc81f3585654906cec5c6957c538a883d
ae8fc06de3bf41915d227c897a89b47a0f32a3a75c09dde8d39ea1dc27d95318
af3e5cfbec7a3ad4f4f5ae7f38bd6e857fb46b79a4851ed6084f32adcd327363
af8d1de3ef8c9404ae46573a4d16368841714c0c16d2a6a805840b0a0144e79c
b0fcd4baa7c4597d8c207f5e0253ea6252c5b11f57ea271a0e2bafd98bb842aa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b1ea339daaa89b586a011d5bd1950ac69401da87ac9b364d631847cf3e2cd7ca
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381
b46d5f663781cd06f6de358326e376dd342ea2a2667cb418e403c8ef3203bda3
b4d84fb440d969558097fb06b14316f727e502d6659d98baaad89273fe763586
b69967c0d0795c59adbf5770fb6891760d3b8e2d0934aa54a165ae44de87447b
b6e53c942b19db58c2d7f74fd56324abaaa5624df6aa559aaab50c56d13c69f1
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf
b772df7ba96adfcb6e5a28d11a68d0f5755b9e31e5b7049932dcac04a21eeef9
b89b553ceaa23e0fd2f6766d52859a7344ebb76f535d3f941acdcded5ea86e85
b8ff2d5c080028c4213654ba9d568ea66f26cbd6707ef56b9ec3de439a2a2ba0
bcead286ac01e0fdf1298573ad010dd6b548659d041ca44101a71bcf26061ebe
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bda5faeee736e63949f23b0111cc7b93ee6323933619a6ad677c489d79151df5
bddc2f1ed7e3c0d5dcf460ee3fd0d7f4445a3e7840e40483e005a109ded7afe5
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
bef7de7b0ce6240de4bab1fb4b9b6d800eb7d8fd1b1c2c31cc8c98dd9d1bcdbf
c0e4badd8ff89f4b5bcee03a203fbfa3a60d8d79451062d08ce9b058bcd2cba0
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2a05bda128bd86f40100b8588b3b3bf55275b8927a69fcc7536ed45da91b366
c44ca7391f96d8aa150adda160f75da94e3310fdac055df6d43afc32a94fcff5
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
c5cd690c34dc291f07ea7788f0843ea73171c8bd1518906114c2f510e913c560
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c72041f82ca5e57e8cded65e46305bd7fd2606d53d9d280db0c20a09048fba0c
c84a6ae821ae828041a000d3e1dd0d14490d718a6cd449aa740b11e8199776a0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb3d98bb8f688da1e74ca59b2f4c8f10abdfeee40f67b2365f945f31b892498d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd985f03c9f87649112b373b06ac45d718c00afe0d4e40c3c6fded0c077190bb
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
ce264c6adce1673d25264e01b96689bf38b0644db3818a2777196b1916fb3be1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d30819ce1c019dde9d9cb87b4a43a0cd31cfea58de21091758329dc5d88583dd
d3e699b6f190e46ca23cee1bb2a76726329d04de23028d01e4a57bb56ad6e953
d54cfdbe1e3f7eff119abf96ff0bab1321b58a166fa906d3c4e692b92779c473
d66696a11951b5cd3c52f3f53bb7a8553eb20dcbd69c8b36a76c6944016f56fe
d72fe48350b82bd31bd6c6b8e90811d971f483c9722af13005cb7539a0c0a2fa
d7a6c57be84a2088f7cdfd0d3a289ced1e5097cc8a6ced0de0185d4943267f52
d7ccdbeeef496b6070db7d13dc69669cbc6041d914c32f3ab4ecf3e01823e38f
d952b355779a8499cb0c700081b3ab5edd35c988c2ce9f77c6e1e0efb829cc97
da1c6567cc193bc82d8712e9382afba88eaad8ed7721dcff7cfe09fdcccfa549
da863df7f387c13d9498c3e7136bd464f2d179de2f11548a7a6d80b4ed882095
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
daf501ed0c9d8b2dd239692524ddd1e30e1158df99dc06202dd0adf6efc5ae20
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
dec0ca17089aa84805576b6f139762d3c808b2d086326fc4f44a99c03e1b2379
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
dfb1fa3ea344a2eed9ba9dc4c1317bae4ce5630e8e09d0d59c002286554d55e1
e0fe644f6147b02ef6d63d75e9e89764bc09fb65b8c37293605cdfdcb7286edf
e2643009f7263a2cc8e069d89771f44f723bb615262aed3eb26dae41023edd92
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e2d85b58e10843eb579127a6827ab12a184ef95517c31d89c27386a9a490eb49
e31d5a659fdfb2053682630304b9ae1645deacd877ae8211e233d40a733f25bd
e39be1ecc66a9b505fd72ff6e6dcffdc08c362c9c4c9e30db06f486043227e84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e751e48f4e7ea27901a50cce0a3e5b695ede7cab50058c4cc51c4a7435d02b7d
e84a512a5847981fd67330bb0ecb081f3d93d3ea11de93d8f5c9f6a438229123
e9d1ed41d979c9ee7a526fdff3b7c448ef682a7b55d158818b6483fc4f6e6647
e9ff798ed2c556ac8cb142ab26ac60986ecda39403602245bda4bfe276852366
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
eb1b5b489f5a7ea6bed2f96fc0b1ab2ce988165232678aa8355ce4a119e4c950
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
ecd1add1790844329ee5df6d91e99e7f9d50ef9dbb1cdb7e0b851f80ae7fed62
edc812c34046a0951b7d3a30248a93557654dc642ee72012132aa4ab9576d367
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efacc9a3f56697c01f1ea5df01fb10f57339c266482602a7f72c6974b6facf34
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f1d988860ae8336d6f7e4ad07b3c11e038a6c6c01a445029ef4ca55cbfea77ed
f3d3a396d62c2ea67bef71b2316d7d7e1000b096c0c31486eaa001225c81a1d9
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f64601e60de6ab3c4515edee4ba981182966c386c2fa61b6c5c05b897212a4d4
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f737634f15fe825ba0861a18a364196da85273b6de65b120e2a877d3fe86b7c0
f861e6867b352476bb1266770ca67d64e80c0dec0f860eb9c9dcc53c4df46b76
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
f8b20328615335252d0a3d19d57f2ae87a4325694c247a864a1f90d52559bb35
f8ce0d868b04686994caae0a66bb97f3975040018ea07d497fe89cca2f88d366
f987277481bdb5e15f013fbb0e7036478e6f820c0a6220f68e4726779ca883dd
f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51
fa20f0c13e954d34f92457488a06ff69c4c118d4bb330ef1e20d0192beaab443
fa9fe1b309d3dd1e996d1c09c0971a68676dd7ac4ed3a47bda490a5ef31722aa
fb480801f1b09a821681a2b2258c5cbd44157ff75d3fb4f70aaacee9033cf93b
fdd3b7a9d7513226208fcf544105497b89ad561b2fb9e86a6df5b9f6aa1de4cc