www.tiandeitnews.com Open in urlscan Pro
2606:4700:3037::ac43:9a51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked
Effective URL:
https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
Submission: On December 23 via api (December 23rd 2023, 3:04:58 am UTC) from GB — Scanned from GB

Summary HTTP 137 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 12 domains to perform 137 HTTP transactions. The main IP is 2606:4700:3037::ac43:9a51, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tiandeitnews.com.
TLS certificate: Issued by GTS CA 1P5 on December 3rd 2023. Valid for: 3 months.

This is the only time www.tiandeitnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:303... 2606:4700:3037::ac43:9a51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	68.232.34.193 68.232.34.193	15133 (EDGECAST) (EDGECAST)
7	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	150.136.215.59 150.136.215.59	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
9 14	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4 10	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 7	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
6	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4009:e::6	15169 (GOOGLE) (GOOGLE)
137	22

11 2606:4700:3037::ac43:9a51 (United States)

ASN13335 (CLOUDFLARENET, US)

www.tiandeitnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.34.193 (United States)

ASN15133 (EDGECAST, US)

funnel-assets.startappservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 150.136.215.59 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

trackinstall.startappservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.130 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.171.85 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:e::6 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r1---sn-aigl6nze.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	267 KB
31	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 300 gcdn.2mdn.net — Cisco Umbrella Rank: 1193 r1---sn-aigl6nze.c.2mdn.net — Cisco Umbrella Rank: 254076	1 MB
29	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	316 KB
13	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189 www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
11	tiandeitnews.com www.tiandeitnews.com	111 KB
10	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	7 KB
7	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	6 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	297 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	193 KB
3	startappservice.com funnel-assets.startappservice.com — Cisco Umbrella Rank: 97456 trackinstall.startappservice.com — Cisco Umbrella Rank: 950318	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
137	12

	Domain	Requested by
29	s0.2mdn.net	www.tiandeitnews.com s0.2mdn.net c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
22	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.tiandeitnews.com c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
16	tpc.googlesyndication.com	www.tiandeitnews.com c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
11	www.tiandeitnews.com	www.tiandeitnews.com
10	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.tiandeitnews.com
7	securepubads.g.doubleclick.net	www.tiandeitnews.com securepubads.g.doubleclick.net
6	ad.doubleclick.net	www.tiandeitnews.com
6	region1.google-analytics.com	www.googletagmanager.com
4	c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.googletagmanager.com	www.tiandeitnews.com www.googletagmanager.com
3	www.googletagservices.com	c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
3	googleads.g.doubleclick.net	c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
2	trackinstall.startappservice.com	www.tiandeitnews.com
1	r1---sn-aigl6nze.c.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	fonts.googleapis.com	s0.2mdn.net
1	www.google.com	tpc.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	funnel-assets.startappservice.com	www.googletagmanager.com
137	22

This site contains no links.

Subject Issuer	Validity	Valid
tiandeitnews.com GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.startappservice.com Go Daddy Secure Certificate Authority - G2	`2023-06-12` - `2024-07-13`	a year	crt.sh
trackinstall.startappservice.com R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
Frame ID: C52E6E94B5D60D87CC2EEC70793965CB
Requests: 42 HTTP requests in this frame

Frame: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 35982F0A68F286F0961D0C6DFE9EE8C5
Requests: 1 HTTP requests in this frame

Frame: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 19CF811169856D2407EAA57A82DBC73A
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COKFkAEQtf-UARjj963vATAB&v=APEucNXZBdWyl9cozuoeBT0KWw73cH9KLpyWGZTtDeK7_0UVQ6pLZGna-QZY6oT6qV1ubHUBoh9ip33v4NWgt-IozeRyRUad_7IbU12MyWgVEftE7Gb2mRYyncsZ-1PqGVQbSsWxY-1d2aRdFz3A-IM4ZRyWPFPgk-Ju3sVy8C-XGJcNq6TPYHw
Frame ID: A647C43FD86911DC3287E93FC240F76B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DCD816B070A4046A22215ABA55AD88D8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 59E4030E51C56360389DBA6164B9A6FA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8AB2B6096486699D80F18E6E767C8CE
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
Frame ID: D24D52139F28D1B445192462EF416786
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 42674125AA51917B2BDABAEF0CB35C82
Requests: 1 HTTP requests in this frame

Frame: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 169B03BABBE700B5517A0CF9AF5B0ACA
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmxzAIQvti-hwMYvofKgQIwAQ&v=APEucNVa3HfmlVnrWO1DD9BsPo_AwWxxjIfT-Y_7jOLUM2BXiDPlkz2Hz42ituqR8IbSNZykIadCSDAtqtRfsLcvDqXbbkrkNeFC4Hl1bSXE25goZfb88FkHsTsABuHUAuO8hNTICnlC2ZLB09J2SdPQUPp0eunVfF-KqJS9EJ6mdDumgsu1v4E
Frame ID: 1AAF1491E1F191080A14BDE528EC92E5
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1F758601DCA2C390F95F625EAB53AF08
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/750554429848723805/index.html?ev=01_250
Frame ID: 1F3D1FC5819312173917E8049B64BD62
Requests: 10 HTTP requests in this frame

Frame: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CB9E0E437FDC90901C12F74466C355A2
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEL3xy-AEGNSp9foBMAE&v=APEucNUJjRECipA25FKzf7rH7HBZVCAhIt5Vxk3XXt4DJ6WXPtsoZ2sNOiuDtZnqztSvb4g4uOPItInIxdHeufGRTZfharn3VTMlHEI09dHw0pIaxYRG2QAlCw99TTsnfFVSmr9nPoVXTezQOyQxJ6G7CVbgUD347JHag4DFl-0S3G2or47ihWg
Frame ID: 2F00B4041D41B0B49DB025DA077561A0
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5A357C2D5C46C19AEFF88B97B88F1187
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Different Ways to Make Money on Amazon

Page URL History Show full URLs

https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked Page URL
https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

137
Requests

91 %
HTTPS

73 %
IPv6

12
Domains

22
Subdomains

22
IPs

4
Countries

2539 kB
Transfer

4993 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked Page URL
https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1

Request Chain 50

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYZOVVpfqD9SRQ3RgGD1SQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1

Request Chain 51

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELL1vyz4N-i3IkAuPYVfLx4&google_cver=1

Request Chain 52

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTMzMDU1NTExOTgxOTY2MA%3D%3D

Request Chain 82

https://gcdn.2mdn.net/videoplayback/id/0a3f7daf4c7f6e02/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/ip,ipbits,expire,id,itag,source,requiressl,ratebypass,mime/signature/50CB39AB1E36D61A1EF7C489293FD73448D07237.BAF27FA1C11BCBC7DD05A3CAE54A06E3B5467B7D/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-aigl6nze.c.2mdn.net/videoplayback/id/0a3f7daf4c7f6e02/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,requiressl,source/signature/040ADBE616C52F69A9FABBBDBF2CE520318B15D2.805C5469016E1469A49591AA4D9BDA3A60B58983/key/cms1/cms_redirect/yes/mh/vQ/mip/2001:ac8:21:e::7/mm/42/mn/sn-aigl6nze/ms/onc/mt/1703300205/mv/m/mvi/1/pl/48/file/file.mp4

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYZOVVpfqD9SRQ3RgGD1SQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELL1vyz4N-i3IkAuPYVfLx4&google_cver=1

Request Chain 102

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTMzMDU1NTExOTgxOTY2MA%3D%3D

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1

Request Chain 130

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYZOVVpfqD9SRQ3RgGD1SQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELL1vyz4N-i3IkAuPYVfLx4&google_cver=1

Request Chain 132

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTMzMDU1NTExOTgxOTY2MA%3D%3D

137 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 details.html Show response
www.tiandeitnews.com/ 213 B
809 B 270ms
190ms Document
text/html 2606:4700:3037::ac43:9a51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9a51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668e7a11dadf41a8ca3e5b357031874eef1aa19d90d347031de4091dec4d787a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 839d6129bd8876de-LHR
content-encoding: br
content-md5: gJr8YW3PDsUpaXggi4P1Lw==
content-type: text/html
date: Sat, 23 Dec 2023 03:04:51 GMT
last-modified: Tue, 22 Aug 2023 01:45:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZS%2BwYWaD5bIOjy5JCLobj4AvFqzfvI6T9NCO42H3otToNYUgKNnrvtTy%2FLYBXUXIMrCbNJR0eppbPcQoPyZxJO%2Fo0t1RtJg7F1xs3IoF9QzhshhoE62BCus%2FjVgp1IWsRa6TIiKbhLUD59BGOj9jk9DMg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-oss-hash-crc64ecma: 2048328167392654334
x-oss-object-type: Normal
x-oss-request-id: 65864E5376EC4B3139971BFE
x-oss-server-time: 2
x-oss-storage-class: Standard
x-oss-version-id: CAEQYRiEgICBkdbr0BgiIDZkYzFiZmVhZGVmODRlODRhNmJlMDFiYjFkMTcwNDc0

GET
H2 200 details.js Show response
www.tiandeitnews.com/js/ 539 B
823 B 37ms
36ms Script
application/javascript 2606:4700:3037::ac43:9a51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiandeitnews.com/js/details.js?timestamp=1692668698517
Requested by: Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9a51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5a3390bb3900a993de9440621e866b7eb107ef893a65aa90078749b5c4cd98e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:51 GMT
content-encoding: br
x-oss-request-id: 6540F9115E5EEA3837449F2B
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: B2qAbfKlhO9vkbrACM/7kQ==
age: 2734
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Tue, 22 Aug 2023 01:45:28 GMT
server: cloudflare
etag: W/"076A806DF2A584EF6F91BAC008CFFB91"
x-oss-version-id: CAEQYRiBgIDhktbr0BgiIGIzYmI4MWE4YmUxZDRmNTFiZDNmZDYzZDMzMjA4NGQ4
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5x7CPDJZQvn9ySGSbaD9Nyho5BYby9aY2sakWhypV3gUFOtm2i80vy7Q5sJ0Glp3q5WPvBJF%2FHem3uSsTZmnouKnNo3ERR7p414UyQhTGGKUeMpnp1RIRNZmoq5yaOvtTJD8GR7EW3C%2Bp3Sc84hA%2BYrEGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-oss-storage-class: Standard
cf-ray: 839d612aee0576de-LHR
x-oss-hash-crc64ecma: 16692830345001727630
x-oss-server-time: 2

GET
H2 200 Primary Request 9088.html Show response
www.tiandeitnews.com/two/ 43 KB
8 KB 191ms
191ms Document
text/html 2606:4700:3037::ac43:9a51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
Requested by: Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/js/details.js?timestamp=1692668698517
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9a51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a8e1dc27e51c133f502aeb910c679d05201829644f1c864930e0a04de2e560e

Request headers

Referer: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 839d612b2e2176de-LHR
content-encoding: br
content-md5: l7CLQQfUCzakeeXueafeMg==
content-type: text/html
date: Sat, 23 Dec 2023 03:04:51 GMT
last-modified: Tue, 22 Aug 2023 01:45:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOY1q33IbY1gOfgTnSrkVcmhfOCNyfnIknuUNnow7ueCRpkTU7ToLMleGa9nisvZpjmzEbeIVPqR3Eb3%2FMXLHC%2BeQhTHb0LxXaiPD01n2vVAmk%2F5oykAKF7i36uMHo%2BrVDhOD2XKoaIzqPIv0QhyWw503Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-oss-hash-crc64ecma: 14818602301877967708
x-oss-object-type: Normal
x-oss-request-id: 65864E5391795F33390C17F9
x-oss-server-time: 2
x-oss-storage-class: Standard
x-oss-version-id: CAEQYRiDgICElNbr0BgiIGM1MTJlYzY0ZGE5NTQ3ZjA5MGM0NjkyZjgzYmYyNmEy

GET
H3 200 commone.css
www.tiandeitnews.com/css/ 4 KB
2 KB 43ms
42ms Stylesheet
text/css 2606:4700:3037::ac43:9a51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiandeitnews.com/css/commone.css
Requested by: Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9a51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec66729d1916bb14558b21daf3cea47901df43a87660c2bf057207dbd3f23892

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:51 GMT
content-encoding: br
x-oss-request-id: 6565D97C2CAF363532F80009
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: 5fHY2YMrdNpv9IRoMQxjLQ==
age: 2973
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Tue, 22 Aug 2023 01:45:27 GMT
server: cloudflare
x-oss-version-id: CAEQYRiBgMCRkdbr0BgiIDQ2NzY3MjMwNWFhODRlM2Q5NDY4ZmNkM2U2NWZjYTg3
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amTXWcHc5KLIk1dG%2BNftLqnysw7W9yYc6GayF0DAVwZS6jotEbbAiPT9fplfJtXSSPqbglI9xNzpMHf0kMPiYLD0nnwwWI95AUT2uqw27UfvI7zAFNJZ1zQYB78XDnXedkR55WRuhPAOpgaC%2B4Li9xSQvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
x-oss-storage-class: Standard
cf-ray: 839d612c5f4e4149-LHR
x-oss-hash-crc64ecma: 15954809381899720992
x-oss-server-time: 12

GET
H3 200 details.css
www.tiandeitnews.com/css/ 2 KB
1 KB 38ms
36ms Stylesheet
text/css 2606:4700:3037::ac43:9a51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiandeitnews.com/css/details.css
Requested by: Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9a51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c372408853d7feee0c77d4abeab1136ddffb6c56babe32702d4d53606e1173e0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:51 GMT
content-encoding: br
x-oss-request-id: 656724609E0E75313059E9F8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: JQ0QTdqexAt1GJ3+D9SZGA==
age: 2973
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Tue, 22 Aug 2023 01:45:27 GMT
server: cloudflare
x-oss-version-id: CAEQYRiBgICIkdbr0BgiIDlkNzZiMjU4MzY5ZTQ0MThiYTdkNmM4NDM4YjQ0OTg0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4kMXbS7KR9Di99VOYJ122Sm2NhYBB1G%2FSr9vHyp0V%2BxqPc0cScZ%2B6inp7PklbEjjOWlxfLa7FEBLMXHZh8oxdBjGpoDvNIAVMRPb3XHu84zvYQndExz9Z8ACRK95FvNTtHeR0SKX%2BzKkhRR9WCDnAJhBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
x-oss-storage-class: Standard
cf-ray: 839d612c5f4f4149-LHR
x-oss-hash-crc64ecma: 10018781924348219438
x-oss-server-time: 22

GET
H3 200 iconfont.css
www.tiandeitnews.com/icon/ 531 B
972 B 41ms
40ms Stylesheet
text/css 2606:4700:3037::ac43:9a51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiandeitnews.com/icon/iconfont.css
Requested by: Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9a51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5041045a6708a7c5e3dcc9278ce593bb15534860bc7f86ee7a10cfd88b97cebc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:51 GMT
content-encoding: br
x-oss-request-id: 6525AE3C12A71A3632283E13
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: npo5OAospz8u1RMdUGkf/w==
age: 2973
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Tue, 22 Aug 2023 01:45:27 GMT
server: cloudflare
etag: W/"9E9A39380A2CA73F2ED5131D50691FFF"
x-oss-version-id: CAEQYRiEgMD.kNbr0BgiIGFhMzZkMTRkMGRjODRjZmY5YTZiM2VlYTUzYjYzZGIz
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioLv%2B0NmgGl0buBXOXhIJd1pJBdAdC3EpJptFl5DMRVl9XvPKttucMwExPDqblmfe1VMDQlG%2BH9oUiJyyQXEzN06Y3tLiXO38l3Ynjd8ZrCTGYsOJEdjGHGKj8lpQe7o%2BgGNxs6eubLbvX1A0J9iA4NNdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
x-oss-storage-class: Standard
cf-ray: 839d612c5f504149-LHR
x-oss-hash-crc64ecma: 18194841494103587859
x-oss-server-time: 3

GET
H3 200 index.css
www.tiandeitnews.com/css/ 4 KB
2 KB 39ms
38ms Stylesheet
text/css 2606:4700:3037::ac43:9a51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiandeitnews.com/css/index.css
Requested by: Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9a51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9331608fec6faf6e621376986f3cdea669faa912ec6aa2e58ffe83f3a2e4e5e0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:51 GMT
content-encoding: br
x-oss-request-id: 64E4197A719F773931EFBA78
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: v7deoeNzFFaid8MJUMTNYw==
age: 2973
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Tue, 22 Aug 2023 01:45:27 GMT
server: cloudflare
x-oss-version-id: CAEQYRiDgICAkdbr0BgiIGIzZjNlNWFmNzM4ODRmNGZiMmU2OTI2YmJkOTk4OGQ4
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caGDvezWw8aQHEXwi9Hkanjy3M8Qfy%2FKO3sSy%2B6MIUlN%2FfgcL%2BcCVdtUW74EzEmR9s15pJoL2jeEuDFzrX0nH9CxgDMMNG%2BwFvYGqgfaOk1HAPhks2MD3iEEEo7eY%2BVQ5YGAO9A%2Fl1I8eAvz9eq%2FFY8p7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
x-oss-storage-class: Standard
cf-ray: 839d612c5f514149-LHR
x-oss-hash-crc64ecma: 13102988705923226141
x-oss-server-time: 14

GET
H3 200 commone.js Show response
www.tiandeitnews.com/js/ 1 KB
1 KB 40ms
39ms Script
application/javascript 2606:4700:3037::ac43:9a51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiandeitnews.com/js/commone.js
Requested by: Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9a51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54e105c20a6d080468aa590a4e021c6beae4550fb82cce12e6f4244dba6ef6ca

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:51 GMT
content-encoding: br
x-oss-request-id: 6540B23F719F77393738EF6F
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: 1QVRcV8tHcsF/+P/ehmXeA==
age: 2973
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Tue, 22 Aug 2023 01:45:27 GMT
server: cloudflare
x-oss-version-id: CAEQYRiFgMDfktbr0BgiIDExY2Q0OWY1MGM5NzRhZWViYWNkZThiNTQyNTNkNmQ3
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1ttP79mzux93KL9Hfc22AX3Ra7eA8gfJ9bPHnLWDDH4FECzezvtlYpJ3KIIZNgB3zIQGpIe2OOnBEZtHw6SOlQgD99gcHDhpCOU5gW73hz0WWU0PNwiwvTZFxKPYsNObdsEd65IwX6XqfPaEsx4DnuHkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-oss-storage-class: Standard
cf-ray: 839d612c5f524149-LHR
x-oss-hash-crc64ecma: 12443100578238726018
x-oss-server-time: 59

GET
H3 200 jquery-3.4.1.min.js Show response
www.tiandeitnews.com/js/ 86 KB
32 KB 43ms
42ms Script
application/javascript 2606:4700:3037::ac43:9a51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiandeitnews.com/js/jquery-3.4.1.min.js
Requested by: Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9a51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:51 GMT
content-encoding: br
x-oss-request-id: 6540E5E7269C563235363973
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: prY1DulKPqdFlcBly/WK8A==
age: 2973
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Tue, 22 Aug 2023 01:45:27 GMT
server: cloudflare
x-oss-version-id: CAEQYRiFgIDfktbr0BgiIGMyYmU4NTNlOGE0MDQ5MTliNWE4M2E1MzVlMzY3M2Vj
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBdYs4CruNmNqcMl%2FNV8cqER70jnh8esReLeJ8g5Mv0xfYKqYIq%2FBUrF4rqZCObDIDn8eGzQd7%2BjcXcSsfkGgoI3UIejXElaev%2FZ9DYNu4nmq8U9hzVe9ZgD%2BeDumivmuRVthawmHD%2B9DCNxSq%2BkOPvg6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-oss-storage-class: Standard
cf-ray: 839d612c5f534149-LHR
x-oss-hash-crc64ecma: 13986161013320619420
x-oss-server-time: 32

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
90 KB 137ms
49ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PBTNY0436V

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31c6f707909e37dc307c1f315b1678b5d63de9c2807759a632e25af29edf69df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91297
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 03:04:52 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 183ms
88ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfab806f03d34f94db9cb7052cfdcf9adb7b9e3c01a17bf0cb724aa0443a266c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29108
x-xss-protection: 0
server: cafe
etag: 724 / 19714 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 03:04:52 GMT

GET
H3 200 1647947204725.jpeg
www.tiandeitnews.com/images/ 61 KB
62 KB 591ms
590ms Image
image/jpeg 2606:4700:3037::ac43:9a51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiandeitnews.com/images/1647947204725.jpeg
Requested by: Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9a51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa5e444c0dc37a4094f51daaf67930644711bdf3491f51bace3f7fbc0767c6f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:52 GMT
x-oss-request-id: 6541EB8B8A32BA3633F06B89
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: kWyQ4iXJo/Tq2/36hwht/w==
alt-svc: h3=":443"; ma=86400
content-length: 62470
x-oss-object-type: Normal
last-modified: Tue, 22 Aug 2023 01:45:27 GMT
server: cloudflare
etag: "916C90E225C9A3F4EADBFDFA87086DFF"
x-oss-version-id: CAEQYRiBgMDUktbr0BgiIDg5ZjQ1ZDMyZGM0NjRmODE4ZmQ4Yjc2ODUzOWM5NWQz
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJa9c9qHhREFWR7fQiz4K1Co%2FYJ0BOm0QzfHO%2FJRPbUcGextDCic5SAZHpOeNBZXJl33%2BNewVjj82lf33QZyXoD5DDT9AMuR0jJDVNQGWq5Nke%2BdKznRT%2BYCHzx40LC%2BlUY0uaFJe46WrNT3d%2BrLlFKfQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 839d612c5f544149-LHR
x-oss-hash-crc64ecma: 9380340261709906778
x-oss-server-time: 61

GET
H3 200 email-decode.min.js Show response
www.tiandeitnews.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 33ms
33ms Script
application/javascript 2606:4700:3037::ac43:9a51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tiandeitnews.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9a51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6581a422-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXZKBjcNvP9GlVg7Gs5BN53h5R3h%2FNAKRHGQ4AWkCgIpkynpwiVXpgyNx4wxFC5p6x3K6ndsFQyFjmVG46gxAWJvmlirMoPKx%2FdQZTCH8z51dqEl4co9xLz%2BEUFyTWJ8sYkUEU3DKawC4flK37LZ3U7SSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 839d612c5f554149-LHR
expires: Mon, 25 Dec 2023 03:04:51 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 164 KB
60 KB 221ms
139ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TKTLFT7

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46b6cbf6e562de6d56e0b452f4b4f6167a98744a2c61951f75280b49f9ac93cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 60889
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 03:04:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-205063360-33&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PBTNY0436V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94deddc0c79b2fdc2c311db9947e6c112095882a9adc7aab3b35d26ce125e8a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69019
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 03:04:52 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 108ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PBTNY0436V&gtm=45je3bt0v876237261&_p=1703300691987&gcd=11l1l1l1l1&dma=0&cid=505545217.1703300692&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703300692&sct=1&seg=0&dl=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&dr=https%3A%2F%2Fwww.tiandeitnews.com%2Fdetails.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&dt=Different%20Ways%20to%20Make%20Money%20on%20Amazon&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=543
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PBTNY0436V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tiandeitnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:47:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22659
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 21 Dec 2024 20:47:13 GMT

GET
H2 200 sio.gtm.wrapper.js Show response
funnel-assets.startappservice.com/tr/ 1 KB
987 B 124ms
26ms Script
text/javascript 68.232.34.193
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://funnel-assets.startappservice.com/tr/sio.gtm.wrapper.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKTLFT7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.34.193 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mab/43B9) /
Resource Hash: c367e2b3cc091feafde4a7eb14a69a9aefe86789def55d1c0569bada6149394d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:52 GMT
content-encoding: gzip
last-modified: Wed, 16 Aug 2023 09:39:31 GMT
server: ECAcc (mab/43B9)
age: 11121871
x-amz-request-id: 90MD61Q1Y7SNHB3N
etag: "60973e48d009c76c910a6895a6069a92+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
accept-ranges: bytes
content-length: 677
x-amz-id-2: 8UQ7KLeIHD1vaJ8kngp46eNDODpFtMJYYxl2kT3lry4xMXpCDYSvsnNnFqCyvoC3haUgwwRnLmE=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L319LPEF4Q&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205063360-33&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92bc6032bfe6237f4ce497c05c8a87a599f53e82fb2ddaf75144d1e70e313fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81745
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 03:04:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 134ms
42ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205063360-33&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 01:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4595
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 23 Dec 2023 03:48:17 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 126 KB
49 KB 378ms
377ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3220350543369119&correlator=3775294140329439&eid=31080120%2C31080115&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=51912183%3A22443427747%2Ctiandeitnews.com_start.io_gii_9088_320x100_0809&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=2&sc=1&cookie_enabled=1&abxe=1&dt=1703300692387&lmt=1692668728&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&ref=https%3A%2F%2Fwww.tiandeitnews.com%2Fdetails.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=505545217.1703300692&ga_sid=1703300692&ga_hid=1046242706&ga_fc=true&dlt=1703300691882&idt=487&adks=2012121799&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1971f9225869f5d06051ec34c41b10b24a1ccd07f0dc775341930197c2cc9705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49874
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tiandeitnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 661 B
326 B 993ms
993ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3220350543369119&correlator=3775294140329439&eid=31080120%2C31080115&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=51912183%3A22443427747%2Ctiandeitnews.com_start.io_gii_9088_300x250_0328_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1703300692391&lmt=1692668728&adxs=650&adys=371&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&ref=https%3A%2F%2Fwww.tiandeitnews.com%2Fdetails.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&vis=1&psz=750x340&msz=300x250&fws=0&ohw=0&ga_vid=505545217.1703300692&ga_sid=1703300692&ga_hid=1046242706&ga_fc=true&dlt=1703300691882&idt=487&adks=2077910337&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d9fb803da0c16465b6414947bd0f037001662d934b7ae5d0891989e6a46bf66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tiandeitnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 109 KB
44 KB 1241ms
1241ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3220350543369119&correlator=3775294140329439&eid=31080120%2C31080115&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=51912183%3A22443427747%2Ctiandeitnews.com_start.io_gii_9088_300x250_0328_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1703300692393&lmt=1692668728&adxs=650&adys=7621&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&ref=https%3A%2F%2Fwww.tiandeitnews.com%2Fdetails.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&vis=1&psz=750x340&msz=300x250&fws=0&ohw=0&ga_vid=505545217.1703300692&ga_sid=1703300692&ga_hid=1046242706&ga_fc=true&dlt=1703300691882&idt=487&adks=3538545841&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

924de56288fb925ce2670175dc18bcb05477967af49584f22dc73bf67cb5eace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45016
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tiandeitnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 92 KB
42 KB 1810ms
1810ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3220350543369119&correlator=3775294140329439&eid=31080120%2C31080115&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=51912183%3A22443427747%2Ctiandeitnews.com_start.io_gii_9088_320x50_0328_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1703300692394&lmt=1692668728&adxs=640&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&ref=https%3A%2F%2Fwww.tiandeitnews.com%2Fdetails.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&vis=1&psz=1600x-1&msz=320x-1&fws=512&ohw=0&ga_vid=505545217.1703300692&ga_sid=1703300692&ga_hid=1046242706&ga_fc=true&dlt=1703300691882&idt=487&adks=3691039652&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37fd47bd047d4d2d314d9b94b6475d25961713aa665683a318a22a4ca2bacda7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43119
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tiandeitnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3598 6 KB
3 KB 229ms
48ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tiandeitnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 03:04:52 GMT
expires: Sun, 22 Dec 2024 03:04:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 39 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50221
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13835
x-xss-protection: 0
server: cafe
etag: 9174524701941205614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 21 Dec 2024 13:07:51 GMT

GET
H2 200 startapp
trackinstall.startappservice.com/trackpostinstall/ 0
84 B 356ms
108ms Image
text/plain 150.136.215.59
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trackinstall.startappservice.com/trackpostinstall/startapp?d=masked&a=pageview

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.136.215.59 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 37ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L319LPEF4Q&gtm=45je3bt0v9133943345&_p=1703300691987&gcd=11l1l1l1l1&dma=0&cid=505545217.1703300692&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1703300692&sct=1&seg=0&dl=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&dr=https%3A%2F%2Fwww.tiandeitnews.com%2Fdetails.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&dt=Different%20Ways%20to%20Make%20Money%20on%20Amazon&en=page_view&_fv=1&_ss=1&tfd=738
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L319LPEF4Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tiandeitnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
148 B 50ms
49ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1046242706&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&ul=en-us&de=UTF-8&dt=Different%20Ways%20to%20Make%20Money%20on%20Amazon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1168046880&gjid=1502699566&cid=505545217.1703300692&tid=UA-205063360-33&_gid=262705625.1703300692&_r=1&gtm=457e3bt0z8876237261&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1235132527

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tiandeitnews.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tiandeitnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 43ms
43ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1046242706&t=event&_s=2&dl=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&ul=en-us&de=UTF-8&dt=Different%20Ways%20to%20Make%20Money%20on%20Amazon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=utm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=505545217.1703300692&tid=UA-205063360-33&_gid=262705625.1703300692&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1075878875

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 20:44:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22793
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 44ms
43ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1046242706&t=event&_s=3&dl=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&ul=en-us&de=UTF-8&dt=Different%20Ways%20to%20Make%20Money%20on%20Amazon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=505545217.1703300692&tid=UA-205063360-33&_gid=262705625.1703300692&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1311454891

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/two/9088.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 20:44:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22793
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 107ms
36ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-205063360-33&cid=505545217.1703300692&jid=1168046880&gjid=1502699566&_gid=262705625.1703300692&_u=YADAAUAAAAAAACAAI~&z=2113364419

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tiandeitnews.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 23 Dec 2023 03:04:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tiandeitnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 177ms
88ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a586a126dc4c06ebafc0e48a58042082668c4e11f8b78294db10cc86764646d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12188
x-xss-protection: 0

GET
H2 504 startapp
trackinstall.startappservice.com/trackpostinstall/ 0
148 B 3108ms
3107ms Image
text/plain 150.136.215.59
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trackinstall.startappservice.com/trackpostinstall/startapp?d=masked&a=adLoad

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.136.215.59 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
l5d-proxy-connection: close
content-length: 0
l5d-proxy-error: HTTP Server service in fail-fast

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
40ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1046242706&t=event&_s=4&dl=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&ul=en-us&de=UTF-8&dt=Different%20Ways%20to%20Make%20Money%20on%20Amazon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=adLoad&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=505545217.1703300692&tid=UA-205063360-33&_gid=262705625.1703300692&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1788175573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 21:38:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19586
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 42ms
41ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1046242706&t=event&_s=5&dl=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&ul=en-us&de=UTF-8&dt=Different%20Ways%20to%20Make%20Money%20on%20Amazon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=adLoad&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=505545217.1703300692&tid=UA-205063360-33&_gid=262705625.1703300692&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=670885603

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 21:38:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19586
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 43ms
42ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1046242706&t=event&_s=6&dl=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&ul=en-us&de=UTF-8&dt=Different%20Ways%20to%20Make%20Money%20on%20Amazon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=adLoad&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=505545217.1703300692&tid=UA-205063360-33&_gid=262705625.1703300692&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=231862918

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 21:38:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19586
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 19CF 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tiandeitnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 03:04:52 GMT
expires: Sun, 22 Dec 2024 03:04:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 40ms
40ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PBTNY0436V&gtm=45je3bt0v876237261&_p=1703300691987&gcd=11l1l1l1l1&dma=0&cid=505545217.1703300692&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1703300692&sct=1&seg=0&dl=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&dr=https%3A%2F%2Fwww.tiandeitnews.com%2Fdetails.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&dt=Different%20Ways%20to%20Make%20Money%20on%20Amazon&_s=2&tfd=1136
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PBTNY0436V
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiandeitnews.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tiandeitnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 43ms
43ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L319LPEF4Q&gtm=45je3bt0v9133943345&_p=1703300691987&gcd=11l1l1l1l1&dma=0&cid=505545217.1703300692&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&sid=1703300692&sct=1&seg=0&dl=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&dr=https%3A%2F%2Fwww.tiandeitnews.com%2Fdetails.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&dt=Different%20Ways%20to%20Make%20Money%20on%20Amazon&_s=2&tfd=1139
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L319LPEF4Q&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiandeitnews.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tiandeitnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A647 624 B
826 B 171ms
82ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COKFkAEQtf-UARjj963vATAB&v=APEucNXZBdWyl9cozuoeBT0KWw73cH9KLpyWGZTtDeK7_0UVQ6pLZGna-QZY6oT6qV1ubHUBoh9ip33v4NWgt-IozeRyRUad_7IbU12MyWgVEftE7Gb2mRYyncsZ-1PqGVQbSsWxY-1d2aRdFz3A-IM4ZRyWPFPgk-Ju3sVy8C-XGJcNq6TPYHw

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 03:04:53 GMT
expires: Sat, 23 Dec 2023 03:04:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 19CF 172 KB
61 KB 135ms
43ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
Origin: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Dec 2023 23:49:04 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 19CF 7 KB
3 KB 135ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 02:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 02:43:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 19CF 23 KB
9 KB 134ms
44ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22912
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 20:43:00 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 19CF 41 KB
14 KB 135ms
48ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306936
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 13:49:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 19CF 3 KB
1 KB 133ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 13:10:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 19CF 20 KB
9 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 09:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 09:13:30 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 19CF 42 B
173 B 166ms
78ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQJvwdoYBRY9n5GpkXU8Vg9J7J9JHnm0ELCyRXQOaBVO9zXQI876V6hVcoXmlc-BySjUlS-Ee2Gklgwu8EsqSEMDgzZaMcr2Cg3H09pDRoqoXdbxc

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 19CF 203 KB
65 KB 164ms
51ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 03:04:53 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 96ms
82ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 03:04:52 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A647
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1

43 B
770 B

50ms
48ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COKFkAEQtf-UARjj963vATAB&v=APEucNXZBdWyl9cozuoeBT0KWw73cH9KLpyWGZTtDeK7_0UVQ6pLZGna-QZY6oT6qV1ubHUBoh9ip33v4NWgt-IozeRyRUad_7IbU12MyWgVEftE7Gb2mRYyncsZ-1PqGVQbSsWxY-1d2aRdFz3A-IM4ZRyWPFPgk-Ju3sVy8C-XGJcNq6TPYHw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rbF02hmvwOmFX4Ja1Yt4a0shTQa8q7nACuL5Ukiyd6wOeO6v8o5SLxYjWdODAqNUOiqeQ%2BvwOAXPfuBYVp5DGqXgki%2BjOOLdLvhYImCYaZ5nulenD4AG3WoHN8xlbW8%2BUMbOkH78g%2FQmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839d61348b8c6aae-MAN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A647
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYZOVVpfqD9SRQ3RgGD1SQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1

43 B
734 B

46ms
45ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COKFkAEQtf-UARjj963vATAB&v=APEucNXZBdWyl9cozuoeBT0KWw73cH9KLpyWGZTtDeK7_0UVQ6pLZGna-QZY6oT6qV1ubHUBoh9ip33v4NWgt-IozeRyRUad_7IbU12MyWgVEftE7Gb2mRYyncsZ-1PqGVQbSsWxY-1d2aRdFz3A-IM4ZRyWPFPgk-Ju3sVy8C-XGJcNq6TPYHw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ac9%2F0EQu%2BYTNDtlLOglV1nRBjAAHrL5mneIqiKLCcFP3SmeyiJ%2FEJ2oNN1GtdYt6UqsjfexZK5WbR2f8m6CE%2BSs6rAUNSu0qTzt8qwFUVdPWx3J5RAh8UxNbAUHceqOqRFZvOkIemhDuCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839d61350be16aae-MAN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame A647
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELL1vyz4N-i3IkAuPYVfLx4&google_cver=1

43 B
845 B

42ms
42ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELL1vyz4N-i3IkAuPYVfLx4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COKFkAEQtf-UARjj963vATAB&v=APEucNXZBdWyl9cozuoeBT0KWw73cH9KLpyWGZTtDeK7_0UVQ6pLZGna-QZY6oT6qV1ubHUBoh9ip33v4NWgt-IozeRyRUad_7IbU12MyWgVEftE7Gb2mRYyncsZ-1PqGVQbSsWxY-1d2aRdFz3A-IM4ZRyWPFPgk-Ju3sVy8C-XGJcNq6TPYHw

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
an-x-request-uuid: a89965af-00a2-4050-8dd4-ce869d43e1e3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.138.196.100; 217.138.196.100; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELL1vyz4N-i3IkAuPYVfLx4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A647
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTMzMDU1NTExOTgxOTY2MA%3D%3D

170 B
243 B

51ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTMzMDU1NTExOTgxOTY2MA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
an-x-request-uuid: a27deff7-3c60-4078-bd1f-6ede565a8c99
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTMzMDU1NTExOTgxOTY2MA%3D%3D
x-proxy-origin: 217.138.196.100; 217.138.196.100; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame DCD8 38 KB
13 KB 40ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 305054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 14:20:39 GMT
expires: Wed, 18 Dec 2024 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 59E4 13 KB
5 KB 42ms
42ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tiandeitnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 59516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 10:32:57 GMT
expires: Sat, 21 Dec 2024 10:32:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F8AB 829 B
1 KB 137ms
49ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b8ceaec7dcc1126a87d2fdab2136e9f7d93b6b3b8744010c1c270e50d68a6d84

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-leXTNadFp8cTjrdSmNMi1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tiandeitnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-leXTNadFp8cTjrdSmNMi1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 03:04:53 GMT
expires: Sat, 23 Dec 2023 03:04:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/ Frame D24D 14 KB
4 KB 136ms
51ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

310e16dac19f59365d25e60868f3b2fba1596cbf06f2377219336c409ce4d80b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4006
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 03:04:53 GMT
expires: Sun, 22 Dec 2024 03:04:53 GMT
last-modified: Mon, 09 Oct 2023 08:35:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 19CF 0
0 202ms
85ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst9l0rdnvlTXn3Gn3lNQUqtASjdGFyVr-q2qLeBBuLsJqdlUa6mcFPUZUMMhH74zswX0_uA4tn8-lT8vOj1e-RIhjQ2_4boY1g1Qgg9TwnEhplKCzV3RgOwsxa_-2vx-uDAbGYGV7kxWVafOODLQxnu2TYNGrHzq8gPdyr85aFA-wiQlJECvzTD4BaHO5vcS0IUaU0WNusECLnXrjdY9I6eKGncf_sMotKN0x4kjrCLwMEgPUcDbChIWKb81M4fgzIhHC5AtFN597ptFMxLCkgUqO1nTvBkeDXvEgNJNt5RKHWMB2Hl9mu9eY1wJ-kre5nsSVuLARnwIZDOKf8ZQZBn_qIUKhUQ6HsiTGUJ8z0dhNiEPGILyMviaz0CXXk8siFEIVLUEk1mWRAg8LTbmsfutppAwj8-GawI4XKo3zKdSHh_oxxU-WREgsoOpUf7dqxF0hL9iLl_1DTRLzEkh9gikNtfwyLz8srMWkKjZL9GhC3wyr8krF1eh_wP58E301Lrxk2Jcd64ZSQ9qEnPNWk3oajN3pi26ozSSswWIn3iAOgKYJtHPWGTeIB0t82VrcZL_H_xMQCz0VcHt1C_qy8iV66PG2yVyeJctThnq4TKZxPZwU_lpx5acEj12sXRvD6ack1L77FosRABLtKTzxKThfgzfIkBtlPmsHT4ttoJf4bjm9cUp4Obof4yl0AKQC0d1wIm8mmFy7iMqCbFfSY4dt8TLuj_K74Oi3gtCbuReorLkP8Z8UaaTcM8dcNqs1f355NTLk9qEGwUOoISRkA4FZEJUGAKe3hrCVi5eeAvz5858jCy5Urz_ioYYdG0gLfDWCUV-Y8-U3Z-feb1YqiyKkj6MYRjZ8Vb2I5YmrHqlgxEclNP5QZeA4wuBXu5nqJuqe5-NAtFJmsnXR0E_A2UwepuXupVZmxrbm5feFH3mPc_lUA_v6Lc-rmZEsz_lUYXscR5XtLEGztLdXn631DoeolI3ogtz9PXvLQZiUpwA7Fpa-cdHln1UToEJlEvrspdgRuaugFX2W7MfKuJRWVBvdNjfTqJz9sh_qXcTo1xzVbpKc7Kp834-iGEJy3oQqhIlFemCdrYVfRJZZdyI1UldHkPpBvqfJoKv0M4f9aec9ZOD2aQGd2pTHTVFtdK-DE9cbAT0gSZdXg9tnqbQINXtWpsbLJNHqNG0lpGxQpGoJCjtKy5Jo6w-u18Y2EVwa1S6qwwoYZmtu4RAmd01iErl2_FrItvgtQMVXGqWGqHqyTzc8_ZMOkY3DLYXhLnI89F9D5q7ykV_QuG92a6I30nvsQseM1JW80m6lXjLIO5MYNiTeYZ9G4kTedX3GlY221Nwis9nPu4_WV_J67W2Yx5gCBYWtsHwBqV6KQ631yYOKMjEYML8arqTmC_DzRvUINHy1BjTFMDFsUrbX8OwGEQrRk2T6pcu5hYMK-lilBVzvG3_sZCVIlw3wHrNZUt&sai=AMfl-YRt3wF5oPmUE73_6vpktAXcPd48jveqcakeERkBIA5HHjick6_XcsRmh1iDS1y-ExnXOT89eB_FJriVKLbPGbDB01adTz6eHzPtQskARsDblhdez156jC6jJUf-I3OoUOUdtMYmvL-JDAReRESm9GpUl8SyqJnEd9iP4pF3pMfYJsqV_GCAlBqVep5SEV4BnL739UecmAeVLTsjU6JlwgYm4iQ8Aat0t8FcdLu1Yn97ocCg7YHyN2l9UDkT2DcnF0HrZ3vLvtksqeV2w3MUdM2ffVink2YTTxzCxlDlXGgr-npnZpzadQx0gENl9juyg8Aor320JtBabtaFTzlQJTYiCYbZ5aM5HzscuDvvCkk_Zrm3yb5GBNoUhU3zJaFyldUHA8RACPwHHpU6Pe3zFoPa8hxnQlQf5t2t4qKLuZFOMnpt9QLbgJYgWrBFoLTiauCnLy1sWL-Q1ExdDzTmleNuSXCloSG13-YrTQp0B7sI71y-AUqOmL_JVA_KyzUJ7J4Cxg&sig=Cg0ArKJSzAHMUnYpaxL4EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9wZXBwZXJzdG9uZS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=220&cbvp=1&cstd=214&cisv=r20231207.71355&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 23 Dec 2023 03:04:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame DCD8 39 KB
15 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 20:41:59 GMT

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 59E4 39 KB
15 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 20:41:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F8AB 0
0 78ms
78ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3220350543369119&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 59E4 0
10 B 42ms
42ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?eomZMQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/ Frame D24D 5 KB
2 KB 43ms
43ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cac583d6cbbaee17012c24a561ef042fd04eb34cf91842624b478421ac23af00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 20 Dec 2024 13:04:42 GMT
date: Thu, 21 Dec 2023 13:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136811
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 08:35:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/ Frame D24D 3 KB
792 B 48ms
46ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

618f4c537e8642232fc6047c1f4adb476b606ee65662729aac3cbf8ce71fb3b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 15 Dec 2024 22:29:39 GMT
date: Sat, 16 Dec 2023 22:29:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 534914
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 762
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 08:35:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 PlusJakartaSansBold.woff
s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/ Frame D24D 52 KB
52 KB 51ms
49ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/PlusJakartaSansBold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c35135cb4e8e6a4d1c9cc60ff9b0e8fb23d5568cc69272ee6df455afef52e2a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 06:12:01 GMT
date: Tue, 19 Dec 2023 06:12:01 GMT
x-content-type-options: nosniff
age: 334372
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52956
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 08:35:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 PlusJakartaSansMedium.woff
s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/ Frame D24D 52 KB
52 KB 66ms
65ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/PlusJakartaSansMedium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e95246891091131d753fb3af619af7404a96b8f0f251a4f1178a0f5df99fdcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 20 Dec 2024 13:04:42 GMT
date: Thu, 21 Dec 2023 13:04:42 GMT
x-content-type-options: nosniff
age: 136811
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52996
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 08:35:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 RobotoBold.woff
s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/ Frame D24D 92 KB
92 KB 123ms
122ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/RobotoBold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9591e031449880d287eb6289f7580e8328c0889056c396778b03b249b64ae2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 20 Dec 2024 13:04:42 GMT
date: Thu, 21 Dec 2023 13:04:42 GMT
x-content-type-options: nosniff
age: 136811
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94040
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 08:35:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 RobotoRegular.woff
s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/ Frame D24D 92 KB
92 KB 107ms
106ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/RobotoRegular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b746587b04bfd7e4d1011a6ac3d5e967a2d9df351d43137f6ece6a3a452d1dd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 20 Dec 2024 13:04:42 GMT
date: Thu, 21 Dec 2023 13:04:42 GMT
x-content-type-options: nosniff
age: 136811
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93784
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 08:35:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 TitilliumWebBold.woff
s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/ Frame D24D 30 KB
30 KB 140ms
139ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/TitilliumWebBold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ea3a6ac5a11f7b18f9d644b89d495c42d4b59b4af2e1197050f610e62c40c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 22 Dec 2024 02:08:23 GMT
date: Sat, 23 Dec 2023 02:08:23 GMT
x-content-type-options: nosniff
age: 3390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30520
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 08:35:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 TitilliumWebRegular.woff
s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/ Frame D24D 32 KB
32 KB 133ms
132ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/TitilliumWebRegular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0ef7ee8e55facd721d2f1e68ad4304b0418a3d36e141ae54876ecad4e6c5466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 20 Dec 2024 13:04:42 GMT
date: Thu, 21 Dec 2023 13:04:42 GMT
x-content-type-options: nosniff
age: 136811
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32644
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 08:35:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 css2
fonts.googleapis.com/ Frame D24D 3 KB
1 KB 145ms
52ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&family=Titillium+Web:wght@700&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6dedd8665ac8d1d39fef59c871ae333d69bbf3e9de13584663c8ec64e050119

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 03:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 03:04:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Dec 2023 03:04:53 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame D24D 120 KB
41 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 12:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Dec 2023 12:23:29 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D24D 57 KB
23 KB 189ms
188ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Dec 2023 03:04:53 GMT

GET
H3 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/ Frame D24D 9 KB
4 KB 132ms
131ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9803885ef1504babd3030a5fe4ccc0f199edf3f9e7d8511ef38254688be6378a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 20 Dec 2024 13:04:42 GMT
date: Thu, 21 Dec 2023 13:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136811
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3818
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 08:35:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/ Frame D24D 28 KB
11 KB 80ms
79ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0adce1c9ca35fb661329721cf6e1fc3f660f022f2c33c03b6df44fedbc255ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 22 Dec 2024 02:08:23 GMT
date: Sat, 23 Dec 2023 02:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11285
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 08:35:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/ Frame D24D 7 KB
2 KB 121ms
121ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d4e3d019c17ed9efb5110cd9a525d53172d86c3d260731d8d1224bd3c774f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 20 Dec 2024 13:04:42 GMT
date: Thu, 21 Dec 2023 13:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136811
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1802
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 08:35:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DCD8 0
20 B 80ms
80ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BNcKmVE6GZemCG6SM1PIP58qU6AgAAAAAOAHgBAI&bg=!CQqlCkXNAAY3kmNgF5I7ADQBe5WfOO3fM8YtyEoUyYwnVv-2LgL7tYSI9EMUNwWOEU4DH2V1mik33sDaChdqjaGqez8yAgAAAHRSAAAAAWgBB5kDOHFecyJP0AnOXjFSH8QjqDQZD3rC3NKVZ2nNVbXNtc-YC2byrsBIMa5hCMQ2FlxEPzWD6JUbT3duRhNVjoUF-ZmL1wpFfhMoI0rIE3tiFUbAFnp5fmakJ6Y2fgSHERYQgWoM9X0vRkTtNovgQNIZqwHY8-J9vGwQTBl3wv8O7eggFk4O3RrSZopE-sFkYvEXkNu5Rg34WQX2fv225zL5tmbNK3ap4tJJjYd9EOSIc-DcNv2pnq0VqE9rTQ7a23Ni4LnSXjHrTUzhjIOwSRWhUv_MPy0dO72z0ikyExEo3LV2yQu1lPpwHTXCz5RtueZWxN1Bk86fjww_orUj69LOjJDYcyAecDTtbmKsWMX_KOwkuMg9jAocm5WJoj5pKow5RAHeYkXe0liM5_VbBdDnSI0pgI3WdU7HnVc5sBhHqE5PAsk6eFJknS0lIf5CsvBjpD4nSqmLDdMcBEMrzVuE6s7qNbqeYxeF9owvQbiDdKEPtogrpQbpOfZoWIhGTF8ZSawCFU2M8QyTGc--pXfBODZy64T4duis3qnYlzAGvxa_D5oQLVINNyZ1EgmD2ezVdmZ3kRdJ2Ni3KgTV5qa3LOz6LBMaJlixCmtA-hIqEKGWSTzI5GfktE2iY8v7zVzJnJby5dxYEjpm40Ns4l2N3l6R98T8kIL_pueDvvf88x-660AvTld3SgbV5Mj6YSkGAtfW9Kf7YKznNo39jrrGk9ubXw-sNUPkdj4mobi8aOg2gCewFOiDCiJa87di5nmG9NQelsX7AbtuDPQaI0Zujig7S_VP1ZB5YcYX9W_A7X_t-29CCErPJWFRNRJwD8tPJx6wzCwkJdTHlxJ-0_j4WWeLfeLDYSCcg3YHJ2UAxf0zOO5KfMcvclzu4beF6PY_F7PV6HWAmRCjW-xCs9JKgTpr1oIm6Vp088LlDDc-8y0Jw8l2ppsZxsHyDmwpJXdQ2sPNm0R-Qu0etMbYh0w1byF7Tp3kJvUBLweJLYvmEGblJxREz_6ZSLoCw8Aqntxsj-DcQkOeY1bWeakMdBvf6arWxsq0ZYNrl_1bceYIHABxbCOqvn_k1ulgeJsumr4iHayFULCmq7oB

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 19CF 0
0 78ms
78ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst9l0rdnvlTXn3Gn3lNQUqtASjdGFyVr-q2qLeBBuLsJqdlUa6mcFPUZUMMhH74zswX0_uA4tn8-lT8vOj1e-RIhjQ2_4boY1g1Qgg9TwnEhplKCzV3RgOwsxa_-2vx-uDAbGYGV7kxWVafOODLQxnu2TYNGrHzq8gPdyr85aFA-wiQlJECvzTD4BaHO5vcS0IUaU0WNusECLnXrjdY9I6eKGncf_sMotKN0x4kjrCLwMEgPUcDbChIWKb81M4fgzIhHC5AtFN597ptFMxLCkgUqO1nTvBkeDXvEgNJNt5RKHWMB2Hl9mu9eY1wJ-kre5nsSVuLARnwIZDOKf8ZQZBn_qIUKhUQ6HsiTGUJ8z0dhNiEPGILyMviaz0CXXk8siFEIVLUEk1mWRAg8LTbmsfutppAwj8-GawI4XKo3zKdSHh_oxxU-WREgsoOpUf7dqxF0hL9iLl_1DTRLzEkh9gikNtfwyLz8srMWkKjZL9GhC3wyr8krF1eh_wP58E301Lrxk2Jcd64ZSQ9qEnPNWk3oajN3pi26ozSSswWIn3iAOgKYJtHPWGTeIB0t82VrcZL_H_xMQCz0VcHt1C_qy8iV66PG2yVyeJctThnq4TKZxPZwU_lpx5acEj12sXRvD6ack1L77FosRABLtKTzxKThfgzfIkBtlPmsHT4ttoJf4bjm9cUp4Obof4yl0AKQC0d1wIm8mmFy7iMqCbFfSY4dt8TLuj_K74Oi3gtCbuReorLkP8Z8UaaTcM8dcNqs1f355NTLk9qEGwUOoISRkA4FZEJUGAKe3hrCVi5eeAvz5858jCy5Urz_ioYYdG0gLfDWCUV-Y8-U3Z-feb1YqiyKkj6MYRjZ8Vb2I5YmrHqlgxEclNP5QZeA4wuBXu5nqJuqe5-NAtFJmsnXR0E_A2UwepuXupVZmxrbm5feFH3mPc_lUA_v6Lc-rmZEsz_lUYXscR5XtLEGztLdXn631DoeolI3ogtz9PXvLQZiUpwA7Fpa-cdHln1UToEJlEvrspdgRuaugFX2W7MfKuJRWVBvdNjfTqJz9sh_qXcTo1xzVbpKc7Kp834-iGEJy3oQqhIlFemCdrYVfRJZZdyI1UldHkPpBvqfJoKv0M4f9aec9ZOD2aQGd2pTHTVFtdK-DE9cbAT0gSZdXg9tnqbQINXtWpsbLJNHqNG0lpGxQpGoJCjtKy5Jo6w-u18Y2EVwa1S6qwwoYZmtu4RAmd01iErl2_FrItvgtQMVXGqWGqHqyTzc8_ZMOkY3DLYXhLnI89F9D5q7ykV_QuG92a6I30nvsQseM1JW80m6lXjLIO5MYNiTeYZ9G4kTedX3GlY221Nwis9nPu4_WV_J67W2Yx5gCBYWtsHwBqV6KQ631yYOKMjEYML8arqTmC_DzRvUINHy1BjTFMDFsUrbX8OwGEQrRk2T6pcu5hYMK-lilBVzvG3_sZCVIlw3wHrNZUt&sai=AMfl-YRt3wF5oPmUE73_6vpktAXcPd48jveqcakeERkBIA5HHjick6_XcsRmh1iDS1y-ExnXOT89eB_FJriVKLbPGbDB01adTz6eHzPtQskARsDblhdez156jC6jJUf-I3OoUOUdtMYmvL-JDAReRESm9GpUl8SyqJnEd9iP4pF3pMfYJsqV_GCAlBqVep5SEV4BnL739UecmAeVLTsjU6JlwgYm4iQ8Aat0t8FcdLu1Yn97ocCg7YHyN2l9UDkT2DcnF0HrZ3vLvtksqeV2w3MUdM2ffVink2YTTxzCxlDlXGgr-npnZpzadQx0gENl9juyg8Aor320JtBabtaFTzlQJTYiCYbZ5aM5HzscuDvvCkk_Zrm3yb5GBNoUhU3zJaFyldUHA8RACPwHHpU6Pe3zFoPa8hxnQlQf5t2t4qKLuZFOMnpt9QLbgJYgWrBFoLTiauCnLy1sWL-Q1ExdDzTmleNuSXCloSG13-YrTQp0B7sI71y-AUqOmL_JVA_KyzUJ7J4Cxg&sig=Cg0ArKJSzAHMUnYpaxL4EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9wZXBwZXJzdG9uZS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=591&vt=11&dtpt=371&dett=3&cstd=214&cisv=r20231207.71355&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D24D 8 KB
6 KB 82ms
82ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e121ab87fa48b08e75b7ddf771d9b7e3c81c105e23aa8357cccfa2c04769df78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5885
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D24D 17 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 03:04:53 GMT

GET
H3 200 prod_studio_01_250_videomodule.js Show response
s0.2mdn.net/879366/ Frame D24D 13 KB
5 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_250_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 02:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Dec 2023 02:12:55 GMT

GET
H3 200 logo-blue.png_1689495349205_logo-blue.png
s0.2mdn.net/dynamic/2/11099137/cdn.ad-lib.io/v2/partners/606eed45cda012000629ab8d/assets/concepts/61e65f198a3fbc3b1a968030/templates/6334dbc9690e354610907093/content/ Frame D24D 7 KB
7 KB 43ms
43ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11099137/cdn.ad-lib.io/v2/partners/606eed45cda012000629ab8d/assets/concepts/61e65f198a3fbc3b1a968030/templates/6334dbc9690e354610907093/content/logo-blue.png_1689495349205_logo-blue.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c7766cb470fdb8e95be7572ce2a63b18dbd24108a39b719e170cf852057b2da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3794511120807493632/728x90-Pepperstone_InBanner_EN/index.html?e=69&leftOffset=0&topOffset=0&c=DnzLPNpz7V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:25:12 GMT
x-content-type-options: nosniff
age: 329981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6986
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 08:15:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 07:25:12 GMT

GET
H/1.1

206
Partial Content

file.mp4
r1---sn-aigl6nze.c.2mdn.net/videoplayback/id/0a3f7daf4c7f6e02/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ip... Frame D24D
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/0a3f7daf4c7f6e02/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/ip,ipbits,expire,id,i...
https://r1---sn-aigl6nze.c.2mdn.net/videoplayback/id/0a3f7daf4c7f6e02/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,...

626 KB
627 KB

132ms
29ms

Media
video/mp4

2a00:1450:4009:e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-aigl6nze.c.2mdn.net/videoplayback/id/0a3f7daf4c7f6e02/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,requiressl,source/signature/040ADBE616C52F69A9FABBBDBF2CE520318B15D2.805C5469016E1469A49591AA4D9BDA3A60B58983/key/cms1/cms_redirect/yes/mh/vQ/mip/2001:ac8:21:e::7/mm/42/mn/sn-aigl6nze/ms/onc/mt/1703300205/mv/m/mvi/1/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4009:e::6 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d530abbd89684de89046427ce5b0bb2c7fe3c1f6ea4019fb07f22c6f6b36aa68

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 03:04:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 May 2023 03:33:39 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-641339/641340
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 641340
Expires: Sat, 23 Dec 2023 03:04:53 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-aigl6nze.c.2mdn.net/videoplayback/id/0a3f7daf4c7f6e02/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,requiressl,source/signature/040ADBE616C52F69A9FABBBDBF2CE520318B15D2.805C5469016E1469A49591AA4D9BDA3A60B58983/key/cms1/cms_redirect/yes/mh/vQ/mip/2001:ac8:21:e::7/mm/42/mn/sn-aigl6nze/ms/onc/mt/1703300205/mv/m/mvi/1/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 689
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4267 39 KB
15 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 20:41:59 GMT

GET
H3 200 container.html Show response
c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 169B 6 KB
3 KB 43ms
43ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tiandeitnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 03:04:52 GMT
expires: Sun, 22 Dec 2024 03:04:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1AAF 624 B
245 B 80ms
80ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmxzAIQvti-hwMYvofKgQIwAQ&v=APEucNVa3HfmlVnrWO1DD9BsPo_AwWxxjIfT-Y_7jOLUM2BXiDPlkz2Hz42ituqR8IbSNZykIadCSDAtqtRfsLcvDqXbbkrkNeFC4Hl1bSXE25goZfb88FkHsTsABuHUAuO8hNTICnlC2ZLB09J2SdPQUPp0eunVfF-KqJS9EJ6mdDumgsu1v4E

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 03:04:53 GMT
expires: Sat, 23 Dec 2023 03:04:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 169B 111 KB
39 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
Origin: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22695
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Dec 2023 20:46:38 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 169B 7 KB
3 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 02:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 02:43:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 169B 23 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 20:43:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 169B 41 KB
14 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 13:49:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 169B 3 KB
1 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 13:10:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 169B 20 KB
8 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 09:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 09:13:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 169B 42 B
63 B 77ms
76ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CLTLQXJTIQRFCIbzJFJ9ICQXltoqLpyryyo39OqxDbOomMIb4uD5fAWGVBF3HyewhFt8iJ-oYTaPTH8L6wmlu9xYKYv6AO8uGJXob-StOqbd5PsCc

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 169B 203 KB
64 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 03:04:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 79ms
79ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3220350543369119&bg=!iIuli8TNAAY3kmNgF5I7ADQBe5WfOMQx5lmSqMAKVeQH5FBrvwOe1Gunx5JKNkWiemBdDH03L7SM-b6gjl8hrp4Nc0-1AgAAAC9SAAAAAWgBB5kC8hvR1ipFi4NFrQz_YXLhttYfGM9G3ddDSukNgik6qnGrUZskIuSE-MydoVf1omFyvlRiNK7-XPzpdlQZcPAaOuJxiyY_IRNz7YF7XCg6QBbcX_LqtwB4iDQGJz8jIvG-AlwwVqHyte5_CSbpRKdV1ZRUgDhuF9SHoF7tAZfAVXLUNUjc_k2P3Fmxarajd62y0LuTVtgtKpybI7FM9vASpRZJMwVxZgCwu2daOYoL2twUATYmP10M2iYfME9O69BT1ThxnsNwAyaLD8dv_5PolbN2Ft6fLfQnrxE0vD62HVRRieoq7OxoSSA8s2l3-hwRvG4DhWpDvqYrjbwBONzZMr5zDEJ2gw7oYrRlo6mrx0fErz49Z_zvhk_7qDgW8QLdyxnA_efQ0idNf3D-djLyP_8K9iQTinbEgyKplbhg9zLcubnv9WcnS945735nqICJWtAwFM52824idSCAoqNUUNodLv8gPHDtN31iYJw4sYKT-Aeo-yHvK9vp1dmwKjDx1cZvx-qewa2pUQQafbNYVAnblQFVWLxfZW6QfQV91-cP090HB57SGWCKEfbxS0eqKXrUKE6pzos8HXFzBPoDkHOik4fmxGlgi1sdlpwFYNWXqb3O29vRDrtjuLV9EUXJp6S9fyL3vEgYwxJVt4m8ZQyw7dzjhY1Xh54yVkneszBwTKqydN4vc53Hd6ZicUenZlkKdmUmMLrKPL73XrF3ziIg8wGfX_tdvloQWvg4wAWjtPj0ALOPyvQZ5-LJ0k7vog4GwDKgWCui5i7XtAowQ791o0zxT77Z4iuz30vhoeLIkSvOq3nPOE0J9DXzIPBsnHuJATUJUckHs9e6idwkI8E9kV3SjEzz33Y1PgSEr_utXqu_IbHBdmjmMQyR-TgKn5d3awM9pm8ztPLqLCWZNhXgzLkvnEMu9DiPaJ1BCtOgr3dZ-8TauQA1d7LB8gDyDiEqeg-qEFSrT1ACcVVM-gYwfram6_qW-BXtKRD5Vs4dEvE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tiandeitnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1F75 38 KB
13 KB 43ms
43ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 305054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 14:20:39 GMT
expires: Wed, 18 Dec 2024 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/750554429848723805/ Frame 1F3D 18 KB
7 KB 43ms
43ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/750554429848723805/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdc8fc3e84893020d41775092d094468874bcdaef92e795ad621f2af577ac56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 386716
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 7129
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 15:39:37 GMT
expires: Tue, 17 Dec 2024 15:39:37 GMT
last-modified: Fri, 15 Dec 2023 12:44:23 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 169B 0
0 86ms
85ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstVmwn4Coeze2MKoSr0i6Z5EHMZ_rERfvuxhhe2Fc5LPTobYC3c1eHHOUgD2011ZlFPUZimlpxuKuAoMtdnXh5KaDfwhQZKw2x2dU79VASF-O64z_oRGWaCsl6vHBK0svK-cANM7NX9P15mhq0DHx6-98FYQgazZyLib2X_VPokQyzImZS_JwJQy-wB9oHizN51Xf5PLlca0fh-smzrJMVSc5DLoHWqY7mri43oBYlF76VLGzMkKjnLG5Mpd2vXvep4LCTlRGDw5Z6orLxHPUVZgGhAxN64wCoETP0DHr5Wi5tAjy54dlSD--FqKGBKPiDpbYm4LOm3wJuMJ46_2hUBChChPQiJFOMvJ7NQaOUKjr2HKjshH5HKs-_o8wi0yc3w4aBfePuM4lOCV1prybWdHO_d43T1Z6xqKro7BlMtuU_CKrWwG68nkRBqAM2p8Tk7kavXADNgKe14iPA7XU2LRxP72jbKVR3ZJnn6Ob7Q3SI94IUktFNj_KYu6eiRowA1reUUtQd2Ijh1_0Tl6YSwypTjlrAUyOvPbdjHY0T7drH99eddmBVBi8qGACLa2X81QssHERwqQ3eL4Zueaf4fsv6jOd2jVqRzD8d2YyLQoVLDKDC3GocRwR9QfRplXXy9-3k-nKWp-N2oHUbmoNwLuSZKmPKlNBihadYRZHMj8IOb-m81GZnLCLrkKKEYOwJXjmCD5XNhhr7P7AkQFOAyhuomCWq9F-L3FJL5n4VKx_zgZ43gRR8cuV-bGCD5eJzyLxjbjVD1JUReFRpK2V_uTNUMuv3HKAIoPeENi8jnvgPDgpxLVuZgEtjATzrA-wBPApaSQiVl-n5S1mzSiMJCsAnNGy0IxgHUpkVgdmno1oeJIwkL3fYfAfw4CC5cFvFEB40UtSkdPbpEXSkLGhB3-I-pIwCjIRPLrbsX30kTwRpq4CNq8sql9cj1J-Jpra3p3jE3QgVPKNsrstZ75sAnBy8rLzjTCLY6X-eDf2inVw0pK8Vx4Qz_tO9V6OoSZSh0o4nxg4YJq6-NRk1x4x8v8KtHTVkOj982tkRnuSFocnicRpaDGrJWSzOwEWg1h2zoEEBtbpL7gYQE6vtvGnWphOcPv0ux7rD-rVYJtj6LEkrr6l6xMyjQM4Aj8D7MpYYSz4d6V3N-6YlkwfjidDea3jwLi0BGpSewjoCzJNsHoy1p4bJfjIbT4IsBv-pxoz0HJJfLTlZbKsl353QCD-omDi1l6c9HhFTFHyp7-EVp9tVyDU7ZrxlmjcjbcpRKkhoObmAqxC8CEFOm_qhAiO8SoyDZiJOcNauV9f-lPpfNgKPmE6Pk1h8SN_oIj43FfNyQEUmVQlYlR5DUvX_BusTwk4rZNd-hreVnthckBLfq6_APKGbb38oy_r7rlvsNfaUU-kgqTtxE3_m32U3FLjEW2_dVaW0qTzLgaDjR5uO7KQPE6aNII6k-2J9S-i0&sai=AMfl-YTEhFk2xWBZYDCXYRFzqC8m34mo5ex1Gu2SYJ1B96SYkBxIYRJo93bLs4FRb7SbYMPTGN-2Z4SNY016gmBnch1SgSmyscLSfqFAAZwEvaGjHqgF_KMlFU7Iwse26cLfoDwG4jOeGRAcZXuAmhcS1SDr8ujeNWjP9V_YK5A-3EgJfnFNa3wXdMBvBuQhOPmPkY6UarQgO6nt-mJf40cHj8CYCfoPriuE9drzfttvSQF0RoZhHTw-cP7mUwQYt2t_pVwLHqSdN3jxegMOJgEyZSkoaJ6VAbQIZQ2tQKlqfK9B3_OKxGQTI5FMQ47EKkxTcTgbG86z2JMzXvZPug1TCEtIYjxKGYtozu7iEfiXEbWwiezZoQoEGBXP3HE9w1xDg1zoeNLKPr56dKxzzpc4atXWMJwuP0G-YBvW66W1lkDc1aSE6qpSULbdxhGw60Gpo62EobqLi2C_BHEPdicU2jO83kN4oFrwqplPtQvcOtEBRODvI4_79SLNaBfBKLuoBHQQEvDFW-RlOw&sig=Cg0ArKJSzIsS52TQvCxOEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9wb2xlc3Rhci5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=68&cbvp=1&cstd=66&cisv=r20231207.41438&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 23 Dec 2023 03:04:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 169B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 571f59d599f0b8353528303d9bc7848668a16dca66411636acfeae6a9510e0ce

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1AAF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1

43 B
733 B

48ms
48ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmxzAIQvti-hwMYvofKgQIwAQ&v=APEucNVa3HfmlVnrWO1DD9BsPo_AwWxxjIfT-Y_7jOLUM2BXiDPlkz2Hz42ituqR8IbSNZykIadCSDAtqtRfsLcvDqXbbkrkNeFC4Hl1bSXE25goZfb88FkHsTsABuHUAuO8hNTICnlC2ZLB09J2SdPQUPp0eunVfF-KqJS9EJ6mdDumgsu1v4E
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHd%2FTyl3kLikq75gi1KJeZ21OtHmqGaeBALqCpW2fQLBgXdJmChwOdTF89mrizdm2tyjGBVldAI7rl9G7%2FojycnNPZfi5moqhwrDUdfAjBB4TP%2FcYQHaoqnGLwO8wjjbXTsyP6ewCQNmTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839d6138adf76aae-MAN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1AAF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYZOVVpfqD9SRQ3RgGD1SQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1

43 B
733 B

48ms
48ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmxzAIQvti-hwMYvofKgQIwAQ&v=APEucNVa3HfmlVnrWO1DD9BsPo_AwWxxjIfT-Y_7jOLUM2BXiDPlkz2Hz42ituqR8IbSNZykIadCSDAtqtRfsLcvDqXbbkrkNeFC4Hl1bSXE25goZfb88FkHsTsABuHUAuO8hNTICnlC2ZLB09J2SdPQUPp0eunVfF-KqJS9EJ6mdDumgsu1v4E
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=969cuH33GBn6c3rNrMxIj%2BskuJP%2FTtY4iR8cFV4433T0%2FJcTPhQOdU2cIvXvwqZSNNxnH4qdO7Cbesxt3ZZj7EOc5trPlnvWUjEUWkBWI0Q0BH8i2sWjZgi9vsZVt8vRyVZn1kuV0TnCfA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839d61391e216aae-MAN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 1AAF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELL1vyz4N-i3IkAuPYVfLx4&google_cver=1

43 B
845 B

41ms
41ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELL1vyz4N-i3IkAuPYVfLx4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmxzAIQvti-hwMYvofKgQIwAQ&v=APEucNVa3HfmlVnrWO1DD9BsPo_AwWxxjIfT-Y_7jOLUM2BXiDPlkz2Hz42ituqR8IbSNZykIadCSDAtqtRfsLcvDqXbbkrkNeFC4Hl1bSXE25goZfb88FkHsTsABuHUAuO8hNTICnlC2ZLB09J2SdPQUPp0eunVfF-KqJS9EJ6mdDumgsu1v4E

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
an-x-request-uuid: 519c4c17-c1a3-4f23-87fb-6fa5f642302b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.138.196.100; 217.138.196.100; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELL1vyz4N-i3IkAuPYVfLx4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1AAF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTMzMDU1NTExOTgxOTY2MA%3D%3D

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTMzMDU1NTExOTgxOTY2MA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:53 GMT
an-x-request-uuid: 8b9feee1-55f6-4303-8d75-bc4c7fdc865c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTMzMDU1NTExOTgxOTY2MA%3D%3D
x-proxy-origin: 217.138.196.100; 217.138.196.100; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adltl.js Show response
s0.2mdn.net/sadbundle/750554429848723805/ Frame 1F3D 30 KB
11 KB 45ms
45ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/750554429848723805/adltl.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/750554429848723805/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11961a36e2d6b42254abd7d1486669ee9272eecdbf729e8991cbc869dc66f977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/750554429848723805/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 15:39:37 GMT
date: Mon, 18 Dec 2023 15:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10853
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 12:44:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adl.css
s0.2mdn.net/sadbundle/750554429848723805/ Frame 1F3D 3 KB
990 B 43ms
43ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/750554429848723805/adl.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/750554429848723805/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f63063b6c9e82340f97b4dd83bb62762fa129eb451032083d872a1194f6c74a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/750554429848723805/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 15:39:37 GMT
date: Mon, 18 Dec 2023 15:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 956
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 12:44:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F75 39 KB
15 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 20:41:59 GMT

GET
H3 200 1125_1702644249476.woff
s0.2mdn.net/sadbundle/750554429848723805/ Frame 1F3D 5 KB
5 KB 43ms
42ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/750554429848723805/1125_1702644249476.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/750554429848723805/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fdbcaf037183759c6cc29cc5a53904446aba120ffcd320226c575f3d0e4692c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/750554429848723805/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 15:39:37 GMT
date: Mon, 18 Dec 2023 15:39:37 GMT
x-content-type-options: nosniff
age: 386716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5016
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 12:44:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 423_de7d21414e678d09e48a6b8a74f7d012a50dfd6c_q62_1698176022.8034.jpg
s0.2mdn.net/sadbundle/750554429848723805/ Frame 1F3D 96 KB
96 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/750554429848723805/423_de7d21414e678d09e48a6b8a74f7d012a50dfd6c_q62_1698176022.8034.jpg

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9e9849278dc66cf10bab27a83fedae03540b515bc4c89153f9d8d2f3483f3f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/750554429848723805/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 15:39:37 GMT
date: Mon, 18 Dec 2023 15:39:37 GMT
x-content-type-options: nosniff
age: 386716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98093
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 12:44:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1622636136.4958.svg
s0.2mdn.net/sadbundle/750554429848723805/ Frame 1F3D 417 B
345 B 46ms
45ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/750554429848723805/1622636136.4958.svg

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33ba8700fdd425748533bf1ee4ccd89d4012dfebcd7b61d54f87d0d0e952b8b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/750554429848723805/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 15:39:37 GMT
date: Mon, 18 Dec 2023 15:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 12:44:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1622636136.5185.svg
s0.2mdn.net/sadbundle/750554429848723805/ Frame 1F3D 420 B
345 B 51ms
50ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/750554429848723805/1622636136.5185.svg

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef04ebd34f9d837413d0e44f7d8d778bf95a76119dfa0cd85d646306c531d430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/750554429848723805/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 15:39:37 GMT
date: Mon, 18 Dec 2023 15:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 12:44:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1622636136.4741.svg
s0.2mdn.net/sadbundle/750554429848723805/ Frame 1F3D 483 B
392 B 49ms
49ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/750554429848723805/1622636136.4741.svg

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9650564960002c3a6b463e0c895f6faa3c65690a9870ea8cfa8c3811a6b2ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/750554429848723805/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 15:39:38 GMT
date: Mon, 18 Dec 2023 15:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386715
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 353
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 12:44:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1622636275.7439.svg
s0.2mdn.net/sadbundle/750554429848723805/ Frame 1F3D 486 B
395 B 48ms
47ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/750554429848723805/1622636275.7439.svg

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7dcc07d397d0bf3aa1a918b78217d7ec794a40d776abd2286a77864d23c8f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/750554429848723805/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 15:39:38 GMT
date: Mon, 18 Dec 2023 15:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386715
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 12:44:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1624967331.2899.png
s0.2mdn.net/sadbundle/750554429848723805/ Frame 1F3D 359 B
395 B 48ms
48ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/750554429848723805/1624967331.2899.png

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad3a066b1a0b92bf88b1ecbb2fbbfcabcc30574a2992ff8e0d0dafdd6e8067a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/750554429848723805/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 15:39:38 GMT
date: Mon, 18 Dec 2023 15:39:38 GMT
x-content-type-options: nosniff
age: 386715
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 359
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 12:44:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 169B 0
0 78ms
77ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstVmwn4Coeze2MKoSr0i6Z5EHMZ_rERfvuxhhe2Fc5LPTobYC3c1eHHOUgD2011ZlFPUZimlpxuKuAoMtdnXh5KaDfwhQZKw2x2dU79VASF-O64z_oRGWaCsl6vHBK0svK-cANM7NX9P15mhq0DHx6-98FYQgazZyLib2X_VPokQyzImZS_JwJQy-wB9oHizN51Xf5PLlca0fh-smzrJMVSc5DLoHWqY7mri43oBYlF76VLGzMkKjnLG5Mpd2vXvep4LCTlRGDw5Z6orLxHPUVZgGhAxN64wCoETP0DHr5Wi5tAjy54dlSD--FqKGBKPiDpbYm4LOm3wJuMJ46_2hUBChChPQiJFOMvJ7NQaOUKjr2HKjshH5HKs-_o8wi0yc3w4aBfePuM4lOCV1prybWdHO_d43T1Z6xqKro7BlMtuU_CKrWwG68nkRBqAM2p8Tk7kavXADNgKe14iPA7XU2LRxP72jbKVR3ZJnn6Ob7Q3SI94IUktFNj_KYu6eiRowA1reUUtQd2Ijh1_0Tl6YSwypTjlrAUyOvPbdjHY0T7drH99eddmBVBi8qGACLa2X81QssHERwqQ3eL4Zueaf4fsv6jOd2jVqRzD8d2YyLQoVLDKDC3GocRwR9QfRplXXy9-3k-nKWp-N2oHUbmoNwLuSZKmPKlNBihadYRZHMj8IOb-m81GZnLCLrkKKEYOwJXjmCD5XNhhr7P7AkQFOAyhuomCWq9F-L3FJL5n4VKx_zgZ43gRR8cuV-bGCD5eJzyLxjbjVD1JUReFRpK2V_uTNUMuv3HKAIoPeENi8jnvgPDgpxLVuZgEtjATzrA-wBPApaSQiVl-n5S1mzSiMJCsAnNGy0IxgHUpkVgdmno1oeJIwkL3fYfAfw4CC5cFvFEB40UtSkdPbpEXSkLGhB3-I-pIwCjIRPLrbsX30kTwRpq4CNq8sql9cj1J-Jpra3p3jE3QgVPKNsrstZ75sAnBy8rLzjTCLY6X-eDf2inVw0pK8Vx4Qz_tO9V6OoSZSh0o4nxg4YJq6-NRk1x4x8v8KtHTVkOj982tkRnuSFocnicRpaDGrJWSzOwEWg1h2zoEEBtbpL7gYQE6vtvGnWphOcPv0ux7rD-rVYJtj6LEkrr6l6xMyjQM4Aj8D7MpYYSz4d6V3N-6YlkwfjidDea3jwLi0BGpSewjoCzJNsHoy1p4bJfjIbT4IsBv-pxoz0HJJfLTlZbKsl353QCD-omDi1l6c9HhFTFHyp7-EVp9tVyDU7ZrxlmjcjbcpRKkhoObmAqxC8CEFOm_qhAiO8SoyDZiJOcNauV9f-lPpfNgKPmE6Pk1h8SN_oIj43FfNyQEUmVQlYlR5DUvX_BusTwk4rZNd-hreVnthckBLfq6_APKGbb38oy_r7rlvsNfaUU-kgqTtxE3_m32U3FLjEW2_dVaW0qTzLgaDjR5uO7KQPE6aNII6k-2J9S-i0&sai=AMfl-YTEhFk2xWBZYDCXYRFzqC8m34mo5ex1Gu2SYJ1B96SYkBxIYRJo93bLs4FRb7SbYMPTGN-2Z4SNY016gmBnch1SgSmyscLSfqFAAZwEvaGjHqgF_KMlFU7Iwse26cLfoDwG4jOeGRAcZXuAmhcS1SDr8ujeNWjP9V_YK5A-3EgJfnFNa3wXdMBvBuQhOPmPkY6UarQgO6nt-mJf40cHj8CYCfoPriuE9drzfttvSQF0RoZhHTw-cP7mUwQYt2t_pVwLHqSdN3jxegMOJgEyZSkoaJ6VAbQIZQ2tQKlqfK9B3_OKxGQTI5FMQ47EKkxTcTgbG86z2JMzXvZPug1TCEtIYjxKGYtozu7iEfiXEbWwiezZoQoEGBXP3HE9w1xDg1zoeNLKPr56dKxzzpc4atXWMJwuP0G-YBvW66W1lkDc1aSE6qpSULbdxhGw60Gpo62EobqLi2C_BHEPdicU2jO83kN4oFrwqplPtQvcOtEBRODvI4_79SLNaBfBKLuoBHQQEvDFW-RlOw&sig=Cg0ArKJSzIsS52TQvCxOEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9wb2xlc3Rhci5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=214&vt=11&dtpt=146&dett=3&cstd=66&cisv=r20231207.41438&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F75 0
20 B 80ms
80ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJcFCVU6GZeCSFqOFx_AP2u-qmA0AAAAAOAHgBAI&bg=!BwSlBEvNAAY3kmNgF5I7ADQBe5WfOHcrLwX0B_Bi1Xc9dAI14I0olQcsbPzEPAucsO6ksJCFPgNTuYuWkMrgd8ONNXd0AgAAAC9SAAAAAmgBB5kDUTo7tooSYUYrh2cFXP2i-0miZjHvAzl5MVeo7_u5hbw6S4-vwdohGtyg8iB0PewcHJQa5P-cf2LZHSijf3y5nFTDz5OCPHNb-YS-NtaFy-Icpor_t93-AwJPoPAN9IdGN54VT3KgUzJoQ3VYFivZ8dhF2efY-Rs1B7sjAY6a6MGS2PDJ6YW0JCG5m7L9DvswNmSd44mtULpq2l0bdhq7JtD4TQ7FRepXztuvvxcfnjYhFHOH6QlRsK9dVPv2vExlbEwhf4TyT3WwIpydTPhKoMpfM8wQ3HJG6fFYsPbk9vomXjUvKfK4msGE9BsoVt8G-0zlnkZEvuDO3RxFv2WDJSQUIULdPICzfMeycY5KIfi5NAsPcZ4MMzG9XJpg1joUxkznjjuFxVKmb9Vq029Rpn37xe7QFCW5QDmxai73N9iDYW8CQGS6RzDJ4XqDDtKWq_CBorBSf6I7PoIJ4lNTv9f_71QOQl4crwT2OhFgVAbmoNIgzxZPZ0WWfwUf-TXV9ZXPMdyn7Nh9CcoS7omjdzuzD2BZURVtE8czvejPjHYtkVOJUVLCGrJDShEgdwZWhG7bL5BS7Vi_mgqRV_PxonpeJ9jCSVo69uQRymiBjbULE1DKdASClDJdmErl-L-6QRMRC3SvbcQg9nBTGzFmzKUsc9HhM1whnZUgkkZR3RBbH3eu-Wstf2uvL9d91X-VpSVLV9BTk_6jbClWAqh_izDNmLb5O0KhVfaul1jXNPHlf9JvnFeAai6zrlujDncvx5UXZ_jvJL8Fz1B_T_xULc_wCuijWJslEqfXFoWH6rBTrPUSD8wGOxaE2N-AYnpSADkOTp2XUxfdER_V4HDDWvcRPIwMgFV90lTeSVNtEJVTqmv_jDhrM61NiJFECP4UN4ntJvplW3YIFED1jNLTXVhmO8NTrFeQQ-Mu81uBNjBehlS6IEKEtyu8Hju--EN1Y7xq9aLfxUklwx5-CBKENnoRBpEeYxJVn86MHzxL6vL8-oTWUs6s9NGhe05vEWeiLYFigkIRtij6h9PvG3CiivSoOYkcSIRVIYNKbqVS2v7yP6bPTdN5-rFpTtds5i_mhAklKTTdck_a-hil5yoRQxcNj9cftBIIiPb7ujT3JWL5eA

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB9E 6 KB
3 KB 43ms
42ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tiandeitnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 03:04:52 GMT
expires: Sun, 22 Dec 2024 03:04:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2F00 624 B
245 B 80ms
80ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEL3xy-AEGNSp9foBMAE&v=APEucNUJjRECipA25FKzf7rH7HBZVCAhIt5Vxk3XXt4DJ6WXPtsoZ2sNOiuDtZnqztSvb4g4uOPItInIxdHeufGRTZfharn3VTMlHEI09dHw0pIaxYRG2QAlCw99TTsnfFVSmr9nPoVXTezQOyQxJ6G7CVbgUD347JHag4DFl-0S3G2or47ihWg

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 03:04:54 GMT
expires: Sat, 23 Dec 2023 03:04:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame CB9E 23 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 20:43:00 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame CB9E 7 KB
3 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 02:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 02:43:26 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame CB9E 0
0 86ms
85ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu2efRnW1-I9qfxd3f0DPn8lbT2A-qJVLQNnYL18TmR3Whk-nlPCaiAT5EMXd0chS87fWX549N1x2vJgfIVNN_qouZoE90YZEEwJ2-Yhp7xhKI7J2cfSpb0YEmGkPm2eEHukPR6DjQZoguLulTRjRDXYfurxFz2jAjE4NVeb6BfV_dzC463rbAdRH1a32ZfUafJOCecr9wQiTpqbZjxR0bBPpxV3YgIie2rg8TLliVnHNjt2oNptP4-q32KE2eYYzjyKY3eFO-QN_7t2hi8cwwIMX5XQT9IqGtj2YPPLg6ZEjI1Lcuj6gDlXK2snIb-wm74VZRZU4VMCT_Gc7Wyn2_7EXdHpThHRkIEpDh8Rqqk9dB1qiqfGDn5KindPKl_Mx_CgVtsWoxODEx2p35ZXQlJWdGoRGnof-ZVsh8r0RirgvyKd5lWikcunDGP9iLi9aSFOHqgKjHiqRz9PbEhWLU3pTuc_DEmPAhrCyH3byx4UpOeAho9dONy9Ggo1Ba8d4oGqKP31kQovagYeMVXTFJbpAIEYs-AHkVXN1aJbiXBLHhFoZivphwXHVRWGaxDchHSygZ7pOlX8x1KeGM7rKEiBCtFPWN6PjufIvTBVjhdfBHMvaG7jR57DnU5m4hPw0uPqazV2Z7s4mtMWOaswsZvWvdlpjJPsxLLMJqbxK4zcVfbtYB_kBa6HjhIqVQWrIY7PELS9TWGP1191jacyi089KH78I5zWscuO1jJewKGDHlXgy3LQGiylTCZVnIc8K-RkxljaFiIdvT6cahP0Ie0J9MdfL_qKvWt64ij3EczeBaIdfeKg6TenHWLKeUO6BHRzpJaGdIn0Ps9EG22mBZ3vPMkosLgUj1iamN1l5cMlV9a3nO1SKENS3XiOnW92s-_9qdaAxDiz78cd7GhSJ-h8hMu_3FSmzPDp07NLhRO4sCsPQEpfG1vlIA4paWN0IxeKVzGGos0QNMqdpxDtK9i2nhzoNM7xxwDNzUHcPmII28Kvsh0M2gkdADSxxHwnYEe_ob4uQwCUI3DiCGhwCR8VIL2X_beO8EC8PNWET9TH8voy5z1nmMD3yFrU4coz_lDwVygufJnhIic95NUBQHKlWHDVDsR4T1KJuXYia8AHPg5mdPP6nHH4QRSO6bwi-A8AmrT8l6pXemOR2uEzvpSHBcsUFJFZS_7ytMEORCStIQC8JMo3OTVC5HusIUaIzR6XoArIeRaPntGfASAVgR3QYm6M6v4unvOSzLHp4r6Twxm3pyUi-ZEGosPiJQNkaJqrW8WshjzugCFnSyqmhHeCjl9Jprp6GsZuqZJ17tUWLVFmIxrxuIrhBqreMZGyy1IaIBykphbmM4few2Rs9OwyaFbl5-GYl0sARmZiYDLv96YKf0qEg8gqbRSU-JkvqJcJe4QPpFPAjMEkrx03kqlPsdKo-DRP28lG6giE_jFYsjRv6sg0R1NPnZus8hfDErvJJoJIQ&sai=AMfl-YQT9EeQcYwiVerRKyLzkxtF3a1fiDTxftZ9SxvSk98L0IdXTWg8PL8kFrYsm9mlRO-0G0x2_QXBM87ChfMj0DTQBtrFxzK_X1nsS1EK-YE-IyNmw3Mde-IevJr9OrohScSNAq3TEgZuXo1pi9oyquVekCF_uH6v6W8EqnoeXpNmdCBEAHeMFiE8GztavL0siEBvxqQWSJNe1WqLaJujLQ_QcFMbElZzi3RNfXnVt0pzmk9vwYupN4xBo4pntUrMCVUZw0oeU21SQDJChhUkcdVaPZcABfVASC0hVrDoj3htucd_6xgUQ5iVQpS7ceZO4vynIT0V6piOPraxW-BkARMdFowoaMnDbxcFeMRCSiYVUIhxbzQ5VAo20muEnB_pNczq0IhdYNxSbdpKTmBm41xc2jzyxiQ7YW4WcDNQd17z-fQj_wdVDTUvZ-I9pLf8EOfACeRtxoTA0DYya_pzfcDsDcYMs5PkfH13jJEAhe9bHDaVEHC6rSgmus7gyU17gYMK7-XbcN5eBA&sig=Cg0ArKJSzJgL_3QkSDNXEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sZWljYS1jYW1lcmEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.90123&arae=0&ftch=1&adurl=

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 23 Dec 2023 03:04:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame CB9E 41 KB
14 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 13:49:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CB9E 3 KB
1 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 13:10:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CB9E 20 KB
8 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 09:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 09:13:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB9E 42 B
63 B 76ms
76ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DqVn57HOzkaT5UbhcJPpPyf1fYDg9C_nlTcnd1C-PHE2WlZbktEwMhDgFotLJLBHCJjDOoU35fV9FZbYliPsvmFa-qyfPQhrIy3CHBuJkAy7RUafs

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB9E 203 KB
64 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 03:04:54 GMT

GET
H3 200 8128216176723262004
s0.2mdn.net/simgad/ Frame CB9E 28 KB
28 KB 43ms
43ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8128216176723262004

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c13ea2d33a57e786034ac8ba907c1356250c7c4530c9d1e0278cdee38952aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 19 Dec 2024 11:34:23 GMT
date: Wed, 20 Dec 2023 11:34:23 GMT
x-content-type-options: nosniff
age: 228631
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28686
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 23:36:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame CB9E 0
0 79ms
78ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu2efRnW1-I9qfxd3f0DPn8lbT2A-qJVLQNnYL18TmR3Whk-nlPCaiAT5EMXd0chS87fWX549N1x2vJgfIVNN_qouZoE90YZEEwJ2-Yhp7xhKI7J2cfSpb0YEmGkPm2eEHukPR6DjQZoguLulTRjRDXYfurxFz2jAjE4NVeb6BfV_dzC463rbAdRH1a32ZfUafJOCecr9wQiTpqbZjxR0bBPpxV3YgIie2rg8TLliVnHNjt2oNptP4-q32KE2eYYzjyKY3eFO-QN_7t2hi8cwwIMX5XQT9IqGtj2YPPLg6ZEjI1Lcuj6gDlXK2snIb-wm74VZRZU4VMCT_Gc7Wyn2_7EXdHpThHRkIEpDh8Rqqk9dB1qiqfGDn5KindPKl_Mx_CgVtsWoxODEx2p35ZXQlJWdGoRGnof-ZVsh8r0RirgvyKd5lWikcunDGP9iLi9aSFOHqgKjHiqRz9PbEhWLU3pTuc_DEmPAhrCyH3byx4UpOeAho9dONy9Ggo1Ba8d4oGqKP31kQovagYeMVXTFJbpAIEYs-AHkVXN1aJbiXBLHhFoZivphwXHVRWGaxDchHSygZ7pOlX8x1KeGM7rKEiBCtFPWN6PjufIvTBVjhdfBHMvaG7jR57DnU5m4hPw0uPqazV2Z7s4mtMWOaswsZvWvdlpjJPsxLLMJqbxK4zcVfbtYB_kBa6HjhIqVQWrIY7PELS9TWGP1191jacyi089KH78I5zWscuO1jJewKGDHlXgy3LQGiylTCZVnIc8K-RkxljaFiIdvT6cahP0Ie0J9MdfL_qKvWt64ij3EczeBaIdfeKg6TenHWLKeUO6BHRzpJaGdIn0Ps9EG22mBZ3vPMkosLgUj1iamN1l5cMlV9a3nO1SKENS3XiOnW92s-_9qdaAxDiz78cd7GhSJ-h8hMu_3FSmzPDp07NLhRO4sCsPQEpfG1vlIA4paWN0IxeKVzGGos0QNMqdpxDtK9i2nhzoNM7xxwDNzUHcPmII28Kvsh0M2gkdADSxxHwnYEe_ob4uQwCUI3DiCGhwCR8VIL2X_beO8EC8PNWET9TH8voy5z1nmMD3yFrU4coz_lDwVygufJnhIic95NUBQHKlWHDVDsR4T1KJuXYia8AHPg5mdPP6nHH4QRSO6bwi-A8AmrT8l6pXemOR2uEzvpSHBcsUFJFZS_7ytMEORCStIQC8JMo3OTVC5HusIUaIzR6XoArIeRaPntGfASAVgR3QYm6M6v4unvOSzLHp4r6Twxm3pyUi-ZEGosPiJQNkaJqrW8WshjzugCFnSyqmhHeCjl9Jprp6GsZuqZJ17tUWLVFmIxrxuIrhBqreMZGyy1IaIBykphbmM4few2Rs9OwyaFbl5-GYl0sARmZiYDLv96YKf0qEg8gqbRSU-JkvqJcJe4QPpFPAjMEkrx03kqlPsdKo-DRP28lG6giE_jFYsjRv6sg0R1NPnZus8hfDErvJJoJIQ&sai=AMfl-YQT9EeQcYwiVerRKyLzkxtF3a1fiDTxftZ9SxvSk98L0IdXTWg8PL8kFrYsm9mlRO-0G0x2_QXBM87ChfMj0DTQBtrFxzK_X1nsS1EK-YE-IyNmw3Mde-IevJr9OrohScSNAq3TEgZuXo1pi9oyquVekCF_uH6v6W8EqnoeXpNmdCBEAHeMFiE8GztavL0siEBvxqQWSJNe1WqLaJujLQ_QcFMbElZzi3RNfXnVt0pzmk9vwYupN4xBo4pntUrMCVUZw0oeU21SQDJChhUkcdVaPZcABfVASC0hVrDoj3htucd_6xgUQ5iVQpS7ceZO4vynIT0V6piOPraxW-BkARMdFowoaMnDbxcFeMRCSiYVUIhxbzQ5VAo20muEnB_pNczq0IhdYNxSbdpKTmBm41xc2jzyxiQ7YW4WcDNQd17z-fQj_wdVDTUvZ-I9pLf8EOfACeRtxoTA0DYya_pzfcDsDcYMs5PkfH13jJEAhe9bHDaVEHC6rSgmus7gyU17gYMK7-XbcN5eBA&sig=Cg0ArKJSzJgL_3QkSDNXEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sZWljYS1jYW1lcmEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=48&vt=11&dtpt=47&dett=2&cstd=0&cisv=r20231207.90123&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.tiandeitnews.com
URL: https://www.tiandeitnews.com/details.html?utm_source=masked&utm_medium=1&sid=masked

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 03:04:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5A35 38 KB
13 KB 42ms
42ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 305055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 14:20:39 GMT
expires: Wed, 18 Dec 2024 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CB9E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c0890fc6478cf95602558d5639cf9378319d2ce43a1cfcacccd3141c496bb56

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2F00
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1

43 B
732 B

48ms
47ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEL3xy-AEGNSp9foBMAE&v=APEucNUJjRECipA25FKzf7rH7HBZVCAhIt5Vxk3XXt4DJ6WXPtsoZ2sNOiuDtZnqztSvb4g4uOPItInIxdHeufGRTZfharn3VTMlHEI09dHw0pIaxYRG2QAlCw99TTsnfFVSmr9nPoVXTezQOyQxJ6G7CVbgUD347JHag4DFl-0S3G2or47ihWg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZ5wLj3k0XUQI3i7EE9zNa116MAhr6evom5QLGN7MIHjtGs0nA%2B8JYZ%2Bx8UjlW9fJsMyjHCpq2Z6UuRJxxp1sYjjsRq1AkOPbYTBgazMi3DF4TXDbkWw5IdomnSIP4UdrbR99oSDeBOMVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839d613c2fe66aae-MAN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2F00
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYZOVVpfqD9SRQ3RgGD1SQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1

43 B
729 B

47ms
47ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEL3xy-AEGNSp9foBMAE&v=APEucNUJjRECipA25FKzf7rH7HBZVCAhIt5Vxk3XXt4DJ6WXPtsoZ2sNOiuDtZnqztSvb4g4uOPItInIxdHeufGRTZfharn3VTMlHEI09dHw0pIaxYRG2QAlCw99TTsnfFVSmr9nPoVXTezQOyQxJ6G7CVbgUD347JHag4DFl-0S3G2or47ihWg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3JVnhPk3oceFlBsjmfx2KOjP9AxqzK81WDw329lsaWZsf0z8vLblYET6i45Pj%2BB9iTbjZhWNgz0Oq9JJBS7zNYq7WAAYldzVVc8t4oepEk3lQeonUW3KEIO58qcOnPsdOqsrCdH91fy4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839d613c68066aae-MAN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4VGB73A1al0tQDj3AwMK8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 2F00
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELL1vyz4N-i3IkAuPYVfLx4&google_cver=1

43 B
843 B

41ms
40ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELL1vyz4N-i3IkAuPYVfLx4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyB0t8EEL3xy-AEGNSp9foBMAE&v=APEucNUJjRECipA25FKzf7rH7HBZVCAhIt5Vxk3XXt4DJ6WXPtsoZ2sNOiuDtZnqztSvb4g4uOPItInIxdHeufGRTZfharn3VTMlHEI09dHw0pIaxYRG2QAlCw99TTsnfFVSmr9nPoVXTezQOyQxJ6G7CVbgUD347JHag4DFl-0S3G2or47ihWg

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:54 GMT
an-x-request-uuid: c43e25cb-6c63-42ab-9601-e31c67aace9c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.138.196.100; 217.138.196.100; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELL1vyz4N-i3IkAuPYVfLx4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F00
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTMzMDU1NTExOTgxOTY2MA%3D%3D

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTMzMDU1NTExOTgxOTY2MA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:54 GMT
an-x-request-uuid: c98ec3e5-bc4b-4de5-a9db-1505c7e0daa3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNTMzMDU1NTExOTgxOTY2MA%3D%3D
x-proxy-origin: 217.138.196.100; 217.138.196.100; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A35 39 KB
15 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 20:41:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A35 0
20 B 79ms
79ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BAKWLVU6GZb2TJJSe1PIPhuOtkAIAAAAAOAHgBAI&bg=!tLelt_jNAAY3kmNgF5I7ADQBe5WfOCi0pyPSKyuCjzrgj50ZoDXAB4UZgxM4MdR9LGRPtpcKjlkrBfQRN9Cbr_OY1U-aAgAAADFSAAAAAmgBB5kDPPveYPHREUAi3N-otXhDFxuUnxlnluMdVjDdiY0mEQH7174IKtnygUXfVWyBLrWE9FL8_MT-31uzQxFRoQhmAI5ZTCW5RobMfSJTY3zjWS-bfrVEwCIo5t4az7HshzfcM2HzSjpO_6xDZTxcSwJJFU9E2eE0L04HwAY-AE12P7OJBTm2EnZNDZsSgW_pBqNs07u82nbJqsYKTQgfhOsl5dKRgfoZ-IpCxAMniAggMU1Q3K4_FUXs8dR8mqz_8Nh0WCY3CGCE0CZ__NJ-baCy7NFA285IpdBqEfhivDN9ANwSiUmHZ5_RUOYF1Cs6ZDE0mqAgO6gaFKJr7fIhj5w_JRh0-40Sc7DPFa7Zd2w3En6SEQ58f_nA-8OzlqkQLknaMh20mcF7BekRYTzEFyJj6RJAq_9e-je222qBGDZhqd2iS4YoP6EkCPjmTDrHb9wjphEOqOOsWlCmQ09u-6j4HgXNGFYhoz2_jpn_wYlLtLkrhrRIo4rmXnMazXBI_pwLQjzIODRZ_LXUQR_t9LM0sbm2w9iNoNzY20f-sl64NB0vAR6pLCWloId8wxJOa0_DlUHE5_mUL7NDUp4GUVNjTPzVfwSDDkFDTRg1YFBArMB0kYdwXaA2VvZcv-UmoqBOGQzgI8W4SBtpwLZ6vmyVmcgSxETx1Vu5dbzNeMgvYuLaJCS0o3gerxpIWhstXKZkEsA1FOhjq7WxJh54ykcPPiX02SryNW689JryUPJd4golc2SX_37dPlLpC3sSzZzdCAwsLgKh_gV2Ao0dBdOQVUYgtiap8li-rR1TmBfDUnv-TiYvP86_2iIHywF9a0bUazvXmJ5_VbdHnW_PBJdSoRoQyq3XAQLklg-wt2DjuvwKOBgrYTtmkSV-VcghtPJHPKOh9g12qIMQR7FMLYGrEYa7RyeYQYAa1gPUy5EsG1zo1_Vxhe9rx277N7rDI1SwfpMgJjOiddIQKV3Iojkdk0nkIEqOJq6A-7DHXATECVe6tnosqSrmyNUzf9f0x3RZuTo-xN2nXK0UkI1C6VnDANu6xjU6nprZqrw1hz6GiAKY-LtxXuheOD5P3JJvWynr23jaMWE16Kj80dfbpw

Requested by

Host: c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
URL: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CB9E 42 B
64 B 80ms
80ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOuSVBsAlNk97-E6CNxEv_jnAi0NK1-UMKv1djDB0mDZjDGghVsAC9TZcFxYm7L_QS_O_QddnILubYVlVNjqOyZtjIB3uO9w7Kuqtm4hdNd-wJZlB3aTvKilYEA1kuZEW3tcnovZLiZHVi3rwtFyU-2cCEvNc&sai=AMfl-YS7Jbmr27H4wRsKr0zE-1MnLltRcQn8qIiMrbcW2YwG6tP5I_awMz7AFodDY67Dzo2nUe1dPBltlZygUYIdtdQxWIevc4Ax0X_W-CS4iYiDSUI3B-ngJhtNfULX2Zaf-o8PySokW5vqS4v8CSO7gg&sig=Cg0ArKJSzEYanb9jON4aEAE&cid=CAQSTwAvHhf_C0NXqrNApFPBZDOHMY3PKO_s_cPdNKsAFuIsLNZhScePvYOF2CyX4B7bqYuZCQE_RotkKMEkbPjq9ZSBB7vr4XQlhadBe8fjiTkYAQ&id=lidar2&mcvt=1001&p=1150,640,1200,960&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3691039652&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703300694225&rpt=198&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 45ms
45ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PBTNY0436V&gtm=45je3bt0v876237261z89133943345&_p=1703300691987&gcd=11l1l1l1l1&dma=0&cid=505545217.1703300692&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1703300692&sct=1&seg=0&dl=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&dr=https%3A%2F%2Fwww.tiandeitnews.com%2Fdetails.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&dt=Different%20Ways%20to%20Make%20Money%20on%20Amazon&_s=3&tfd=6137
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PBTNY0436V
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiandeitnews.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tiandeitnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L319LPEF4Q&gtm=45je3bt0v9133943345&_p=1703300691987&gcd=11l1l1l1l1&dma=0&cid=505545217.1703300692&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1703300692&sct=1&seg=0&dl=https%3A%2F%2Fwww.tiandeitnews.com%2Ftwo%2F9088.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&dr=https%3A%2F%2Fwww.tiandeitnews.com%2Fdetails.html%3Futm_source%3Dmasked%26utm_medium%3D1%26sid%3Dmasked&dt=Different%20Ways%20to%20Make%20Money%20on%20Amazon&_s=3&tfd=6141
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L319LPEF4Q&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiandeitnews.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 03:04:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tiandeitnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tiandeitnews.com/	1970-01-21 02:44:20	Name: _ga Value: GA1.2.505545217.1703300692
.tiandeitnews.com/	1970-01-20 17:09:47	Name: _gid Value: GA1.2.262705625.1703300692
.tiandeitnews.com/	1970-01-20 17:08:20	Name: _gat_gtag_UA_205063360_33 Value: 1
.doubleclick.net/	1970-01-21 02:29:56	Name: IDE Value: AHWqTUlJVv9Km_sUrTVEK5lSkF0suF30Y5Sxly8wWR1-8CmB3DvDo5uiwsCaD54R
.casalemedia.com/	1970-01-21 01:53:56	Name: CMID Value: ZYZOVVpfqD9SRQ3RgGD1SQAA
.casalemedia.com/	1970-01-20 19:17:56	Name: CMPS Value: 1875
.casalemedia.com/	1970-01-20 19:17:56	Name: CMPRO Value: 1875
.adnxs.com/	1970-01-21 02:44:20	Name: XANDR_PANID Value: 1E-kUbFbrWMbvRQu1s4waksdcZQYnB5hRLIYjwAyog-svj3yYOp3YmCL3F53rP35PmVszqWse6DyBQSCLOy8aiZuHYuDgrT7irnhBkHVL64.
.adnxs.com/	1970-01-20 19:17:56	Name: uuid2 Value: 3735330555119819660
.tiandeitnews.com/	1970-01-21 02:29:56	Name: __gads Value: ID=db04de110145d12a:T=1703300692:RT=1703300692:S=ALNI_MYkSrH90p5t4bU_Y97o9yE94-4VwA
.tiandeitnews.com/	1970-01-21 02:29:56	Name: __gpi Value: UID=00000d2760760abd:T=1703300692:RT=1703300692:S=ALNI_MbkJCxTOX-k0pDVfJa67CBzLE53BA
.tiandeitnews.com/	1970-01-21 02:44:20	Name: _ga_PBTNY0436V Value: GS1.1.1703300692.1.0.1703300694.0.0.0
.tiandeitnews.com/	1970-01-21 02:44:20	Name: _ga_L319LPEF4Q Value: GS1.1.1703300692.1.0.1703300694.0.0.0
.adnxs.com/	1970-01-20 19:17:56	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU#pKF4a!]tb[8i_iqf!oN/@E'zz<Z0Q.!<H.fxs(mm.ZB+GwfyWfOVPs%8:z.JZVeTD._*PlZ[C[-kX-5ys)`

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://trackinstall.startappservice.com/trackpostinstall/startapp?d=masked&a=adLoad Message: Failed to load resource: the server responded with a status of 504 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
c9adeaae95a4301d142b2c8a3a1bd9bd.safeframe.googlesyndication.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
funnel-assets.startappservice.com
gcdn.2mdn.net
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
r1---sn-aigl6nze.c.2mdn.net
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
trackinstall.startappservice.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.tiandeitnews.com
142.250.186.130
150.136.215.59
172.217.16.134
172.64.151.101
2001:4860:4802:32::36
2606:4700:3037::ac43:9a51
2a00:1450:4001:802::2004
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:812::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::200e
2a00:1450:4009:e::6
2a00:1450:400c:c00::9a
37.252.171.85
68.232.34.193
03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d
04d4e3d019c17ed9efb5110cd9a525d53172d86c3d260731d8d1224bd3c774f8
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
0adce1c9ca35fb661329721cf6e1fc3f660f022f2c33c03b6df44fedbc255ba7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea3a6ac5a11f7b18f9d644b89d495c42d4b59b4af2e1197050f610e62c40c1c
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
11961a36e2d6b42254abd7d1486669ee9272eecdbf729e8991cbc869dc66f977
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1971f9225869f5d06051ec34c41b10b24a1ccd07f0dc775341930197c2cc9705
1a8e1dc27e51c133f502aeb910c679d05201829644f1c864930e0a04de2e560e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c0890fc6478cf95602558d5639cf9378319d2ce43a1cfcacccd3141c496bb56
2c13ea2d33a57e786034ac8ba907c1356250c7c4530c9d1e0278cdee38952aca
310e16dac19f59365d25e60868f3b2fba1596cbf06f2377219336c409ce4d80b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31c6f707909e37dc307c1f315b1678b5d63de9c2807759a632e25af29edf69df
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
33ba8700fdd425748533bf1ee4ccd89d4012dfebcd7b61d54f87d0d0e952b8b6
37fd47bd047d4d2d314d9b94b6475d25961713aa665683a318a22a4ca2bacda7
3c7766cb470fdb8e95be7572ce2a63b18dbd24108a39b719e170cf852057b2da
3d9fb803da0c16465b6414947bd0f037001662d934b7ae5d0891989e6a46bf66
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b6cbf6e562de6d56e0b452f4b4f6167a98744a2c61951f75280b49f9ac93cc
4a9650564960002c3a6b463e0c895f6faa3c65690a9870ea8cfa8c3811a6b2ee
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5041045a6708a7c5e3dcc9278ce593bb15534860bc7f86ee7a10cfd88b97cebc
54e105c20a6d080468aa590a4e021c6beae4550fb82cce12e6f4244dba6ef6ca
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
571f59d599f0b8353528303d9bc7848668a16dca66411636acfeae6a9510e0ce
5fdbcaf037183759c6cc29cc5a53904446aba120ffcd320226c575f3d0e4692c
618f4c537e8642232fc6047c1f4adb476b606ee65662729aac3cbf8ce71fb3b8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668e7a11dadf41a8ca3e5b357031874eef1aa19d90d347031de4091dec4d787a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f63063b6c9e82340f97b4dd83bb62762fa129eb451032083d872a1194f6c74a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8e95246891091131d753fb3af619af7404a96b8f0f251a4f1178a0f5df99fdcc
924de56288fb925ce2670175dc18bcb05477967af49584f22dc73bf67cb5eace
92bc6032bfe6237f4ce497c05c8a87a599f53e82fb2ddaf75144d1e70e313fb0
9331608fec6faf6e621376986f3cdea669faa912ec6aa2e58ffe83f3a2e4e5e0
94deddc0c79b2fdc2c311db9947e6c112095882a9adc7aab3b35d26ce125e8a5
9591e031449880d287eb6289f7580e8328c0889056c396778b03b249b64ae2a7
9803885ef1504babd3030a5fe4ccc0f199edf3f9e7d8511ef38254688be6378a
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a586a126dc4c06ebafc0e48a58042082668c4e11f8b78294db10cc86764646d0
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a6dedd8665ac8d1d39fef59c871ae333d69bbf3e9de13584663c8ec64e050119
a7dcc07d397d0bf3aa1a918b78217d7ec794a40d776abd2286a77864d23c8f41
aa5e444c0dc37a4094f51daaf67930644711bdf3491f51bace3f7fbc0767c6f4
ad3a066b1a0b92bf88b1ecbb2fbbfcabcc30574a2992ff8e0d0dafdd6e8067a2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5a3390bb3900a993de9440621e866b7eb107ef893a65aa90078749b5c4cd98e
b746587b04bfd7e4d1011a6ac3d5e967a2d9df351d43137f6ece6a3a452d1dd0
b8ceaec7dcc1126a87d2fdab2136e9f7d93b6b3b8744010c1c270e50d68a6d84
c35135cb4e8e6a4d1c9cc60ff9b0e8fb23d5568cc69272ee6df455afef52e2a1
c367e2b3cc091feafde4a7eb14a69a9aefe86789def55d1c0569bada6149394d
c372408853d7feee0c77d4abeab1136ddffb6c56babe32702d4d53606e1173e0
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
cac583d6cbbaee17012c24a561ef042fd04eb34cf91842624b478421ac23af00
cdc8fc3e84893020d41775092d094468874bcdaef92e795ad621f2af577ac56d
cfab806f03d34f94db9cb7052cfdcf9adb7b9e3c01a17bf0cb724aa0443a266c
d530abbd89684de89046427ce5b0bb2c7fe3c1f6ea4019fb07f22c6f6b36aa68
d9e9849278dc66cf10bab27a83fedae03540b515bc4c89153f9d8d2f3483f3f7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e121ab87fa48b08e75b7ddf771d9b7e3c81c105e23aa8357cccfa2c04769df78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec66729d1916bb14558b21daf3cea47901df43a87660c2bf057207dbd3f23892
ef04ebd34f9d837413d0e44f7d8d778bf95a76119dfa0cd85d646306c531d430
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ef7ee8e55facd721d2f1e68ad4304b0418a3d36e141ae54876ecad4e6c5466

www.tiandeitnews.com Open in urlscan Pro 2606:4700:3037::ac43:9a51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

91 %HTTPS

73 %IPv6

12 Domains

22 Subdomains

22 IPs

4 Countries

2539 kBTransfer

4993 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tiandeitnews.com Open in urlscan Pro
2606:4700:3037::ac43:9a51 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

91 %
HTTPS

73 %
IPv6

12
Domains

22
Subdomains

22
IPs

4
Countries

2539 kB
Transfer

4993 kB
Size

14
Cookies

137 HTTP transactions
2 data transactions