www.onenewspage.com Open in urlscan Pro
2606:4700:3033::ac43:938a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Submission: On September 04 via api (September 4th 2022, 2:16:33 pm UTC) from US — Scanned from DE

Summary HTTP 170 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 23 domains to perform 170 HTTP transactions. The main IP is 2606:4700:3033::ac43:938a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.onenewspage.com. The Cisco Umbrella rank of the primary domain is 606903.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2022. Valid for: a year.

This is the only time www.onenewspage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:303... 2606:4700:3033::ac43:938a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:5c0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.98.59.21 172.98.59.21	399647 (RUMBLE) (RUMBLE)
23	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
20	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2600:1f18:612... 2600:1f18:612b:4264:562f:45f1:d263:2a9f	14618 (AMAZON-AES) (AMAZON-AES)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
5 5	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
5 5	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3	52.57.12.251 52.57.12.251	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
170	31

23 2606:4700:3033::ac43:938a (United States)

ASN13335 (CLOUDFLARENET, US)

www.onenewspage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:5c0f (United States)

ASN13335 (CLOUDFLARENET, US)

video.newsserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.98.59.21 (Canada)

ASN399647 (RUMBLE, CA)

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4264:562f:45f1:d263:2a9f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.94.180.126 (Amsterdam, Netherlands) 5 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.0.31 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.12.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-12-251.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 971 trc.taboola.com — Cisco Umbrella Rank: 705 trc-events.taboola.com — Cisco Umbrella Rank: 1566 15.taboola.com — Cisco Umbrella Rank: 6809 am-trc-events.taboola.com — Cisco Umbrella Rank: 16799 images.taboola.com — Cisco Umbrella Rank: 1704 vidstat.taboola.com — Cisco Umbrella Rank: 2376 imprammp.taboola.com — Cisco Umbrella Rank: 13248 am-match.taboola.com — Cisco Umbrella Rank: 13000 wf.taboola.com — Cisco Umbrella Rank: 2542 am-vid-events.taboola.com — Cisco Umbrella Rank: 12269 sync-t1.taboola.com — Cisco Umbrella Rank: 1253 sync.taboola.com — Cisco Umbrella Rank: 979 vidstatb.taboola.com — Cisco Umbrella Rank: 4320	584 KB
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 112 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	403 KB
23	onenewspage.com www.onenewspage.com — Cisco Umbrella Rank: 606903	480 KB
19	google.com region1.analytics.google.com — Cisco Umbrella Rank: 6141 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2277 adservice.google.com — Cisco Umbrella Rank: 78	51 KB
12	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 85 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	160 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	100 KB
5	yahoo.com 5 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 270	859 B
5	spotxchange.com 5 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 526	3 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	40 KB
4	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 424 fonts.googleapis.com — Cisco Umbrella Rank: 43	334 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6487 adservice.google.de — Cisco Umbrella Rank: 9270	1 KB
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 288	660 B
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 336	793 B
3	tremorhub.com taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3196	547 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	132 KB
3	rumble.com rumble.com — Cisco Umbrella Rank: 18435	35 KB
2	rmbl.ws sp.rmbl.ws — Cisco Umbrella Rank: 24874	53 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 152	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	115 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 872	647 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	17 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1058	5 KB
1	newsserve.net video.newsserve.net — Cisco Umbrella Rank: 757472	110 KB
170	23

	Domain	Requested by
23	www.onenewspage.com	www.onenewspage.com static.cloudflareinsights.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	am-trc-events.taboola.com	www.onenewspage.com cdn.taboola.com
10	pagead2.googlesyndication.com	www.onenewspage.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	images.taboola.com	www.onenewspage.com
6	cdn.taboola.com	www.onenewspage.com cdn.taboola.com
5	ups.analytics.yahoo.com	5 redirects
5	sync.search.spotxchange.com	5 redirects
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com rumble.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
3	fonts.gstatic.com	fonts.googleapis.com
3	x.bidswitch.net	imprammp.taboola.com am-match.taboola.com
3	sync.taboola.com	imprammp.taboola.com am-match.taboola.com
3	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com
3	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
3	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google.com	www.onenewspage.com rumble.com tpc.googlesyndication.com
3	www.google.de	www.onenewspage.com rumble.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	rumble.com	www.onenewspage.com rumble.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	imasdk.googleapis.com	rumble.com imasdk.googleapis.com
2	trc.taboola.com	cdn.taboola.com
2	sp.rmbl.ws	rumble.com
2	sb.scorecardresearch.com	cdn.taboola.com www.onenewspage.com
2	www.googletagmanager.com	www.onenewspage.com www.googletagmanager.com
1	vidstatb.taboola.com	www.onenewspage.com
1	am-vid-events.taboola.com	www.onenewspage.com
1	imprammp.taboola.com	vidstat.taboola.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s0.2mdn.net	imasdk.googleapis.com
1	15.taboola.com	cdn.taboola.com
1	trc-events.taboola.com	cdn.taboola.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	www.onenewspage.com
1	video.newsserve.net
170	44

This site contains links to these domains. Also see Links.

Domain
www.onenewspage.co.uk
www.newsr.in
www.facebook.com
www.twitter.com
www.linkedin.com
www.reddit.com
pinterest.com
shefence-citional.com
pro-verbraucher.info
as.ad4m.at
trc.taboola.com
safesly.com
www.flossbachvonstorch.de
popup.taboola.com
twitter.com
linkedin.com

Subject Issuer	Validity	Valid
onenewspage.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.rumble.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-11` - `2022-12-07`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
sp.rmbl.ws R3	`2022-07-31` - `2022-10-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Frame ID: BD0EA6A7735AFF1A69FAC94A4ADDECC5
Requests: 91 HTTP requests in this frame

Frame: https://rumble.com/embed/v1cc8m1?pub=75zn/?autoplay=false
Frame ID: 28E55224A8395EBA9E4671E880065458
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html
Frame ID: B0B292978421BEDBF593BD8094AB74BC
Requests: 1 HTTP requests in this frame

Frame: https://www.onenewspage.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662292800
Frame ID: 55C12B72067086F15DAC2B2495E246E5
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html
Frame ID: FA8BE46BE18144C7CC114A680FBD0713
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8886206350&adk=2616170555&adf=1236709610&pi=t.ma~as.8886206350&w=750&fwrn=4&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=4&bdt=375&idt=760&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&correlator=4536277881758&frm=20&pv=2&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2376&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=f0sWoWgDPL&p=https%3A//www.onenewspage.com&dtd=1188
Frame ID: 4401D7DE756616CAF1B9B61B18E495DF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8987803811&adk=1915398834&adf=4050863620&pi=t.ma~as.8987803811&w=345&fwrn=1&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=375&idt=810&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M3bgEHGOE3&p=https%3A//www.onenewspage.com&dtd=1194
Frame ID: 869B2FB550E962A438EB38ABD0E8D9FA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=1069&slotname=4684115771&adk=2369831491&adf=1915577481&pi=t.ma~as.4684115771&w=345&cr_col=1&cr_row=4&lmt=1662300982&rafmt=9&psa=0&format=345x1069&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&crui=pub_control_image_card_stacked&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=374&idt=812&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2H1iP2yTvX&p=https%3A//www.onenewspage.com&dtd=1198
Frame ID: 81F68B031DC47FEB60327439566D3E5A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&adk=1812271804&adf=3025194257&lmt=1662300982&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&ea=0&pra=7&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=2&bdt=374&idt=814&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280%2C345x1069&nras=1&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=1201
Frame ID: 802814C9D55FB3DC58C93F0F7DCCC69E
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66256635&crid=5895835&dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&cmcv=&pix=undefined&cb=1662300984882&uv=3221&tms=1662300984882&abt=inc_all_video_vA!Noappq22_vC!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=82850d74-cb81-4923-9a31-841ee8a368fe&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: B2F14BF700292B63B8CB5D11F5ECBA22
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 3FD42A07328026CB2664B3965B9F3645
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Frame ID: 60F7C5B35695EF34146E35546AB8BF6A
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 60506B4C74F9ECE29A422AC18BCE55A7
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Frame ID: A52DD3BE975A72446C0B0C53D3A2B0C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F2A8FAD4DA7BDF171912E241D324ACFD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A88958427B0841F22A3306994D275BBC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Max Igan: A Shift is Happening! - One News Page VIDEO

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

170
Requests

96 %
HTTPS

69 %
IPv6

23
Domains

44
Subdomains

31
IPs

5
Countries

2624 kB
Transfer

13360 kB
Size

16
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.onenewspage.co.uk/
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://www.newsr.in/
Title: India

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/share?url=https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Title: Reddit

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/7d579126-4d18-4d00-912f-43f83ac27ee6?utm_source=tb&utm_campaign=de_dk&utm_term=onenewspage-onenewspage&utm_content=3040702647&t=GiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSDOplMouJnaqOuc4rCZAQ&dt=tb&tblci=GiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSDOplMouJnaqOuc4rCZAQ#tblciGiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSDOplMouJnaqOuc4rCZAQ
Title: NutraFlex Nahrungsergänzungsmittel

Search URL Search Domain Scan URL

URL: https://pro-verbraucher.info/kostenlose-beerdigung-tb-l2t/?utm_source=taboola&utm_medium=display&utm_campaign=2592_pSGVE_D-PRO-Lead-Outbound-Taboola2_wac8294743_wmid592188347699433472&utm_term=onenewspage.com&utm_content=1949-1982+geboren%3F+Sie+haben+Anspruch+auf+diesen+Bestattungsschutz&publisher=onenewspage-onenewspage&tblci=GiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSCm0U8o8-i2-7mDjqwW#tblciGiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSCm0U8o8-i2-7mDjqwW
Title: Pro Verbraucher

Search URL Search Domain Scan URL

URL: https://as.ad4m.at/ad/tac?a=158504&b=3&c=3&d=1&e=775&f=&g=tabnat_allnet&h=&gdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CONSENT_195%7D&gdpr_pd=&utm_source=taboola&utm_medium=referral&tblci=GiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSClg0gog8jQ4ZyCq60g#tblciGiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSClg0gog8jQ4ZyCq60g
Title: Blau

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/onenewspage-onenewspage/log/3/click?pi=%2Fvideo%2F20220806%2F14729083%2Fmax-igan-shift-is-happening!.htm&ri=963d3c68b67fca3edf9fa3a5d10cb3f8&sd=v2_93aa065807e5d4f99e39d264544982cd_215d7ff8-ecbf-41b2-8ef1-05032cc450c6-tucta0e38b8_1662300984_1662300984_CNawjgYQ1NhEGNGm8MawMCABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjpur2xtqb7sOABcAA&ui=215d7ff8-ecbf-41b2-8ef1-05032cc450c6-tucta0e38b8&it=text&ii=~~V1~~3639762653397954882~~s7bQDhfW3zU5T0YBihEJWvzXh5y3a7_nrGoDtNcNdWnTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lStQk6jaQcGGDUiGnTk93_4FS8qr-f53vDbiQQMMys27ysvgqrbHGIkmG3J38zm-P9wrMuvPNrYIweDrWBe3xhSBoBRiF2IDtIEjrYOqV1spuDjNX9vRW5OCNYp1krjap941iqms7ijqeOroijBfa_Rly8LEt35FraQTwNLCyOKKOs4a_7qIOhgu9DqiwHekR&pt=video&li=rbox-v2m&sig=ea26905b2300f42ffbeed10dc3eae32d47558bf84e2d&redir=https%3A%2F%2Fas.ad4m.at%2Fad%2Ftac%3Fa%3D158504%26b%3D3%26c%3D3%26d%3D1%26e%3D775%26f%3D%26g%3Dtabnat_allnet%26h%3D%26gdpr%3D%24%257BGDPR%257D%26gdpr_consent%3D%24%257BGDPR_CONSENT_195%257D%26gdpr_pd%3D%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSClg0gog8jQ4ZyCq60g%23tblciGiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSClg0gog8jQ4ZyCq60g&vi=1662300984145&p=advancedaudience-sc&r=38&lti=html_metrics_3_ctrl&ppb=CKIC&cpb=EhMyMDIyMDkwMS0xOC1SRUxFQVNFGAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyMjM4gJzsiAxAm-MJSIKKEFDcytkDWKXsEGMI3v__________ARDe__________8BGCJkYwiMMRCfQRgyZGMI1xYQ1R8YI2RjCNwKEKAQGBZkYwjSAxDgBhgIZGMIlhQQnRwYGGRjCO8DEIoHGAlkYwiRMhDDQhgKZGMI6yQQ5DcYHWRjCPQUEJ4dGB9kYwikJxCDNRgvZHgBgAECiAG56s_QAZABHA&cta=true
Title: Weiterlesen

Search URL Search Domain Scan URL

URL: https://safesly.com/82e7ba4c-089d-413e-9f12-576bbd531f1f?site=onenewspage-onenewspage&title=Deutsche+mit+Pflegegrad+erhalten+zuzahlungsfreie+FFP2-Masken+mit+diesem+Trick&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F5b0442c7891b88f1955ea4c6f8c6e4a9.jpg&campaign=DE_Satiata_Pflegebox_Desktop_v1&utm_content=3552191663&conversionname=6H_Sale&click_id=GiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSC11U8ozNjCho_Ln7pS&tblci=GiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSC11U8ozNjCho_Ln7pS#tblciGiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSC11U8ozNjCho_Ln7pS
Title: Verbraucher Hilfe

Search URL Search Domain Scan URL

URL: https://www.flossbachvonstorch.de/de/news/die-boerse-ist-kein-sparbuch/?utm_medium=native&utm_source=taboola&utm_campaign=de.native.kp.me.brand.blog.&utm_content=blog.&utm_term=taboola.220706&tblci=GiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSDOr0oo0ZTz1Y-U5pimAQ#tblciGiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSDOr0oo0ZTz1Y-U5pimAQ
Title: Flossbach von Storch

Search URL Search Domain Scan URL

URL: https://safesly.com/9597750f-4070-4a54-9822-830513702ebe?site=onenewspage-onenewspage&title=Aufgepasst%21+Deutsche+mit+Pflegegrad+bekommen+jetzt+jeden+Monat+40%E2%82%AC+Hilfsmittel&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fe27aa15ac648da7e527a65b6933a77ad.jpg&campaign=6H_201109_Purchase_desk2b&utm_content=3494608412&conversionname=6H&click_id=GiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSDC8E0ovb_zieyThsPzAQ&tblci=GiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSDC8E0ovb_zieyThsPzAQ#tblciGiBErKMGy_aDPySgVnNI0qfcwB4kk4P07qEwldbNHm2ncSDC8E0ovb_zieyThsPzAQ
Title: Pflege-Ratgeber24

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=onenewspage-onenewspage&utm_medium=referral&utm_content=desktop-video:Desktop-video:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OneNewsPage
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/one_news_page
Title: Twitter

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/onenewspage
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/One_News_Page

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/onenewspage

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=28e858ce-2c5c-11ed-9643-1eddb0c50306 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=28e8584d-2c5c-11ed-9643-1eddb0c50306&orig=video&us_privacy=1---gdpr=1&

Request Chain 102

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-TH8pgq5E2uHpbuLsdtDQnDbdlzJU6mu9Al.yB.I-~A

Request Chain 116

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=28f3c3aa-2c5c-11ed-8180-1bf9ad920206 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=28f3c2e2-2c5c-11ed-8180-1bf9ad920206&orig=video&us_privacy=1---gdpr=1&

Request Chain 118

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-F_93_zBE2uEBFdlyf0MjLNf9UO8rIiZXi0w8EZk-~A

Request Chain 147

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=28f3c2e2-2c5c-11ed-8180-1bf9ad920206&orig=video&us_privacy=1---gdpr=1&

Request Chain 149

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-TH8pgq5E2uHpbuLsdtDQnDbdlzJU6mu9Al.yB.I-~A

170 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Max-Igan-Shift-is-Happening!.htm Show response
www.onenewspage.com/video/20220806/14729083/ 73 KB
14 KB 517ms
451ms Document
text/html 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5629aebfa220435bc1b51a9b18af8d487cc13e3892ea459b64a0186af6ca64ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3700, s-maxage=3600, stale-while-revalidate=60, stale-if-error=31536000, max-age=60
cf-cache-status: MISS
cf-ray: 745757b54a4cbafa-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 04 Sep 2022 14:16:23 GMT
expires: Sun, 04 Sep 2022 14:17:22 GMT
last-modified: Sun, 04 Sep 2022 14:16:22 GMT
link: <https://video.newsserve.net/v/20220806/1659775221-Max-Igan-Shift-is-Happening!_hires.jpg>; rel=preload; as=image; nopush, <https://www.onenewspage.com/js/jquery-3.5.1.min.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/js/bootstrap.min.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/js/sticky-kit.min.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/js/owl.carousel.min.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/js/lazyload.min.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/js/SmoothScroll.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/js/20201231onp.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/js/timeago.min.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/fonts/fontawesome-free/css/20210419.min.css>; rel=preload; as=style; nopush, <https://www.onenewspage.com/css/20210601onp.css>; rel=preload; as=style; nopush, <https://www.onenewspage.com/images/2021_onp_logo_212x212.png>; rel=preload; as=image; nopush, <https://cdn.newsserve.net>; rel=preconnect , <https://video.newsserve.net>; rel=preconnect , <https://pagead2.googlesyndication.com>; rel=preconnect , <https://stats.g.doubleclick.net>; rel=preconnect , <https://bh.contextweb.com>; rel=preconnect , <https://www.gstatic.com>; rel=preconnect , <https://fonts.googleapis.com>; rel=preconnect , <https://securepubads.g.doubleclick.net>; rel=preconnect , <https://fonts.gstatic.com>; rel=preconnect , <https://googleads.g.doubleclick.net>; rel=preconnect
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwFp3AMlxF3qkDgiNbPQYtVJhyb%2FS9DcWnTK69AUkwOQAYsMDeb0alMfG%2Ffi13gqihRmGztgoo9cSDf%2FjFeTgXV7WlaCANqb8QFFkTMu3%2BbMP5QElx8vwdsIrb6ak6X71HyDCLm%2BlRkjalqZd%2BmuvKM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-frame-options: DENY

GET
H2 200 1659775221-Max-Igan-Shift-is-Happening!_hires.jpg
video.newsserve.net/v/20220806/ 110 KB
110 KB 672ms
594ms Image
image/jpeg 2606:4700:3032::6815:5c0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.newsserve.net/v/20220806/1659775221-Max-Igan-Shift-is-Happening!_hires.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5c0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0176092cab47e7b4a4998bfdaec0ebd46f9d93eed1e932a02aff6987834ea2ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 112143
last-modified: Sat, 06 Aug 2022 08:40:47 GMT
server: cloudflare
etag: "13b674a-1b60f-5e58e8a031d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYPFwwSF9acAsjHPRz6%2BTdbMw%2BfTyYRD5fDFTGE1IRvk17lNPfptzjGAk8d14biSz9hCNuVatQt7QGhjaUvKg%2FCaFcPD76vdhSvpQyGZTk0RVe3guP0WurLsQaF4k9dFYuza91iyFiNzPIy%2BD6exG9u%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 745757b89c7159c5-MXP
expires: Mon, 04 Sep 2023 14:16:23 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
www.onenewspage.com/js/ 87 KB
32 KB 85ms
82ms Script
text/javascript 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/js/jquery-3.5.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2623963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: cloudflare
etag: W/"22a62-15d84-5a4da870aa1c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IOKkhN75kCgV8T2lZ07aPo6PiOwOKAl%2BQfRxhmna0Zz2F3wJ0mrhHPOjxOtwAYn3eLpQYThAhTWWI5HZfEvalryFZK3WNGuaGwmKEEvk90ozDNy4Lb5%2BUWP22zlTMJ8apRBYmOfw85bod1HqXHQC0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 745757b829c9bafa-MXP
expires: Sat, 05 Aug 2023 05:23:40 GMT

GET
H2 200 bootstrap.min.js Show response
www.onenewspage.com/js/ 59 KB
15 KB 57ms
54ms Script
text/javascript 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/js/bootstrap.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2623963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Aug 2020 14:22:42 GMT
server: cloudflare
etag: W/"22fb6-ea8c-5ac3638a37080"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJUp1zG5AN7Onp8glwAjYykxatoVzcxFAtf81xM0nPH2LVHJtVvmyI3CxQGX6EDFBnup4Q7PBn8lKuo%2FPcIvL4%2FvqohG3p2NgI%2BlVO0vBi5setoyVMfuezC9ja7iU6%2BPoG8qrQTZ5A99RKjtHDxjO6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 745757b829cfbafa-MXP
expires: Sat, 05 Aug 2023 05:23:40 GMT

GET
H2 200 sticky-kit.min.js Show response
www.onenewspage.com/js/ 3 KB
2 KB 58ms
56ms Script
text/javascript 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/js/sticky-kit.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 738465a35668cea4cf13644bbaf6eeb18dfe494d6941a242d138ee87280c8a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2623963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 31 Mar 2019 04:22:16 GMT
server: cloudflare
etag: W/"22e23-cd3-5855c3fb70e00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dL6nsiFg79pHCfR1ioldjqrRlGojbgZBYmSea0vfD465cdLf5CXG%2Fnx3aXpnVQ3VXxRMKRg92V7LWCLilW0Kg80DYq6QX%2Fv8Tyz7S6UXFXEBNPG%2FpPflyUnowr%2F2upSY9MWnOIqGtPpr4tQ31z6EWNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 745757b829d3bafa-MXP
expires: Sat, 05 Aug 2023 05:23:40 GMT

GET
H2 200 owl.carousel.min.js Show response
www.onenewspage.com/js/ 43 KB
12 KB 54ms
52ms Script
text/javascript 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/js/owl.carousel.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2623963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 31 Mar 2019 04:22:10 GMT
server: cloudflare
etag: W/"23043-ad36-5855c3f5b8080"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qH%2B00vh4N%2FYzkdyeMBI5XK4BQwXRGOfdn%2BHl4pNIFUwOvSJHknFBcqn500jIChBSvjQDFAQcMSnRvuzzaxCS7ZruIhnL%2FBxn2tN2UWaXaQ9ldYl9rYrR4dXRjwIDXHnn%2BnvBhkyfK2QrtDDyHMA1b9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 745757b829d4bafa-MXP
expires: Sat, 05 Aug 2023 05:23:40 GMT

GET
H2 200 lazyload.min.js Show response
www.onenewspage.com/js/ 6 KB
3 KB 50ms
49ms Script
text/javascript 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/js/lazyload.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2623963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Nov 2019 13:19:46 GMT
server: cloudflare
etag: W/"21f3b-1926-5982b9e09a080"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uE3mhTTB%2BRO3Yt54LQOZtBvpPIClCt6D%2BIuqg5fiY6BdxrAADaaqJio2QKSL%2B%2FYSolXmTMToAPFDfTWAeE1NGcwt5TIzDzjx8OCsWXonRNzmA2XkI0TEsQ5Ofd7czQJQT3%2FDNK5eoF7VLuDkAQXPttw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 745757b829d9bafa-MXP
expires: Sat, 05 Aug 2023 05:23:40 GMT

GET
H2 200 SmoothScroll.js Show response
www.onenewspage.com/js/ 12 KB
5 KB 83ms
81ms Script
text/javascript 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/js/SmoothScroll.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d73df125b6991b7a8b208099692eca05b549d0fb7ad9546fe3823749ca6fbaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2623963
cf-polished: origSize=23315
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 19 Apr 2019 12:54:42 GMT
server: cloudflare
etag: W/"22a63-5b13-586e19f4de880"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=es7nwkJo3nQCgSwSviw9qIAVi2px3eXOiS3FSrRuXmbAo5nEC1LM6jz17SNg5dPSF0o4kfifDqMEL7eDYlJSoqFXkaOXzvvDH5Sz5V8CSiEZVembW7DAC5HxfFiyMJObRn3M5TyUzlNqXKdIlhItiAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
expires: Sat, 05 Aug 2023 05:23:40 GMT
cache-control: max-age=31536000
cf-ray: 745757b829dbbafa-MXP
cf-bgj: minify

GET
H2 200 20201231onp.js Show response
www.onenewspage.com/js/ 10 KB
3 KB 83ms
82ms Script
text/javascript 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/js/20201231onp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c30eaf6a99cbfc3f723d1b7becf6c5617e7c9b4f11b8ab3fae76dfb8adfdd79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2623963
cf-polished: origSize=23945
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 14:36:48 GMT
server: cloudflare
etag: W/"280c9-5d89-5b7ebc97418af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XxBIlxzBymQGrGrblOwF3klU%2BJr31R7pY3FyUmn1f0usCzGIA7NFt8DUOPRcx1p1QanMlF3aZoWiWUA1MKXoWTN2DAb%2Fg86QxeTzV5KsosrwjPLuCvhbPVmzkk7k4HHvs2ZPLUArM69LcH5bwmqodo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
expires: Sat, 05 Aug 2023 05:23:40 GMT
cache-control: max-age=31536000
cf-ray: 745757b829e8bafa-MXP
cf-bgj: minify

GET
H2 200 timeago.min.js Show response
www.onenewspage.com/js/ 7 KB
3 KB 82ms
81ms Script
text/javascript 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/js/timeago.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0949d7c871a48d5a4d1f5a86b4bb4bfd7f37958653a02009a8260028a4f87867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2623963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
etag: W/"21f34-1bdd-5a4d4c99bb480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHS0pHyUFvKLXU%2FYXGU5rosQlNV6Psh%2BVpYeqN6MD7LlF0SeT8A10WJtpdxXSLm%2BAs7kswXru74L5OdEt6KqjAM%2BYQjFvjF1YA69L3qhyCKLgJObIwrPoQITMeciNSpd07cf1KT%2BP4hHczpIO2iMa1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 745757b829ebbafa-MXP
expires: Sat, 05 Aug 2023 05:23:40 GMT

GET
H2 200 20210419.min.css
www.onenewspage.com/fonts/fontawesome-free/css/ 55 KB
12 KB 57ms
56ms Stylesheet
text/css 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/fonts/fontawesome-free/css/20210419.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21e4b36c8ff9685816c32854027a548a59af9ab7f1dc33fc3893dc5be1b0f87e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2623963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 20 Apr 2021 09:18:13 GMT
server: cloudflare
etag: W/"27699-dcc5-5c063ecf8100d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUgVYRUk3Tp5KoIQmYPWB5vqCboZjpMB09bTYypHizfcbrgAhC4bfnYYFHMtvAtzr4XFqdjEVlERgDqiIJEnk3tlz1%2Bcj1g0hdLzXvyVTt2EAs3sTC8ivTcTKPOdME2pQ%2FammUamQxxRLPUspmsU3oA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 745757b829d0bafa-MXP
expires: Sat, 05 Aug 2023 05:23:40 GMT

GET
H2 200 20210601onp.css
www.onenewspage.com/css/ 295 KB
46 KB 58ms
57ms Stylesheet
text/css 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/css/20210601onp.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3cd09c654dda72c31b5c668675220794bce187289eca46873eaf38d505f3f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2623963
cf-polished: origSize=377379
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Jun 2021 09:05:30 GMT
server: cloudflare
etag: W/"271f5-5c223-5c42957e683ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wl%2FgAjoGx4hi8sxXX%2FNSUIoa4UGVH8Wuh%2FX3rYLC1FHf%2FU7Ysh7QP%2FOtdQfitZZSysXMqKyUFLS4NL%2Bk9eJSjAolSvGRFY89lNXK5d7ewVoQXgAE5qHzCXAUGzddfxmHufA%2FB7x7bnz3imNpk8hxma4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Sat, 05 Aug 2023 05:23:40 GMT
cache-control: max-age=31536000
cf-ray: 745757b829d2bafa-MXP
cf-bgj: minify

GET
H3 200 2021_onp_logo_212x212.png
www.onenewspage.com/images/ 36 KB
37 KB 123ms
122ms Image
image/webp 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onenewspage.com/images/2021_onp_logo_212x212.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c276a9c094495f11466b5aaedf043dc9f54d8ef3499941df8317880ee036699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1012998
cf-polished: origFmt=png, origSize=65153
content-disposition: inline; filename="2021_onp_logo_212x212.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36928
last-modified: Mon, 21 Dec 2020 15:30:07 GMT
server: cloudflare
etag: "210b5-fe81-5b6fb22083359"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M70Q8NOiQmw39IrQuUPUXmEsGRrB%2BGavih5ENkHLMzfbFVtXiGdP%2BfxCTgxV%2BVQMxAYfmZqRital8IcASaP8sTZfSaJwSYzSJe58YruEAn7CUkjsUwkt8D%2FAZeaflZnjYGoWYBUdoeYtXAPsyd1b1Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 23 Aug 2023 20:53:05 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 745757b8b868bb06-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 76ms
35ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3293590-3

Requested by

Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

505d9b3074db90b6fcd6d986967a191e500ffd37d8ef0f3d76d6800d581613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42902
x-xss-protection: 0
expires: Sun, 04 Sep 2022 14:16:23 GMT

GET
H3 200 lazy-empty.png
www.onenewspage.com/images/ 34 B
676 B 56ms
56ms Image
image/webp 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onenewspage.com/images/lazy-empty.png
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2149813
cf-polished: origFmt=png, origSize=70
content-disposition: inline; filename="lazy-empty.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
last-modified: Mon, 21 Dec 2020 15:30:08 GMT
server: cloudflare
etag: "2012d-46-5b6fb2215c064"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTXp1oBkhXg9jYgEyH1Nmlf6ZvUZCubeQp6bVRDZPvvX5Tab%2F2dxapI5EB29Dep2v4X%2FkRXXy2YBydSFQCYt0xIJIP0OiBMNskFWUGMufGZFrPsyEaA2EgjE%2FXjqGVk5d%2FQ4lyihU8IfRSRA5Hpjq3s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 10 Aug 2023 17:06:10 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 745757b8b86ebb06-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 200ms
133ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc3c4438932c08049825bbbfb17a850a1103187658f5bb7f5e6f3a80a2f91d3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51931
x-xss-protection: 0
server: cafe
etag: 4175092731323577586
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 14:16:23 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 356ms
153ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.onenewspage.com/
Origin: https://www.onenewspage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 745757b9f9ac01f8-ZRH

GET
H3 200 font_raleway400.ttf
www.onenewspage.com/fonts/ 144 KB
57 KB 118ms
117ms Font
application/octet-stream 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/fonts/font_raleway400.ttf
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/css/20210601onp.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c7e019de017ab41b74f5183b07e22ae7f768d120e5826ab682c745e70a31a88

Request headers

Referer: https://www.onenewspage.com/css/20210601onp.css
Origin: https://www.onenewspage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2623962
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Dec 2020 17:49:55 GMT
server: cloudflare
etag: W/"24495-23f68-5b57edefa36c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QyMbJVmB27DRu2YeIK6e6TrEnG40mE9RyQvYHZ1M55ctgM0u6ot%2Bhj9L6gzL6gml8WUzdbHjd6Pw%2FNQJgnLArEr97JGiOzJrUcmdln1S56H%2BERtqdt6Dur9kRvQYOzpXnHtVFmrHitA2tCHgPFxZ1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 745757b8c885bb06-MXP
expires: Sat, 05 Aug 2023 05:23:41 GMT

GET
H3 200 fa-solid-900.woff2
www.onenewspage.com/fonts/fontawesome-free/webfonts/ 74 KB
74 KB 54ms
54ms Font
application/octet-stream 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/fonts/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/fonts/fontawesome-free/css/20210419.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e5cc0e72c3b89f5345e3e04ae5db4fbcb91daff763a05f6fbc1d0783f90918d

Request headers

Referer: https://www.onenewspage.com/fonts/fontawesome-free/css/20210419.min.css
Origin: https://www.onenewspage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2623962
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 Sep 2019 14:58:36 GMT
server: cloudflare
etag: W/"24730-12690-592acd699ff00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFPm9FXfyCC1sUf4YArlp9VbU9Vld1XdgJ0TP75loGNJz%2Ffi2ZQzlW6fWeFGp6L6CZmwUB2sGQZe37yqKglEHlcJzVuUKC1S2nWzxl%2F2OLWwQX912kjdQSdn9mlFL2yYm1aEQi67CptsGMiaZzVp9Is%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 745757b8c893bb06-MXP
expires: Sat, 05 Aug 2023 05:23:41 GMT

GET
H3 200 font_raleway700.ttf
www.onenewspage.com/fonts/ 144 KB
58 KB 173ms
173ms Font
application/octet-stream 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/fonts/font_raleway700.ttf
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/css/20210601onp.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e9caa35261591338460d1ce140a0f6807ba8eab9c7056ca6b239a6e6c4a3614

Request headers

Referer: https://www.onenewspage.com/css/20210601onp.css
Origin: https://www.onenewspage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2623962
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Dec 2020 17:49:55 GMT
server: cloudflare
etag: W/"27008-24190-5b57edefa36c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6r9Kin21F7OG5OD1Wxf3qobfdpAJ1m3c0a6ol1OAtwytZymY47p%2BUBx6eIVB%2BLaZ5%2B70XHfB2nEPmBT4oPjs1x0CIZSLJ8vvY1ndQNKKTJFayaDOXo2Ggoozt1ApZIKktF7wl8kimtPmW5Wi%2FFTau9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 745757b8c897bb06-MXP
expires: Sat, 05 Aug 2023 05:23:41 GMT

GET
H2 200 v1cc8m1 Show response
rumble.com/embed/ Frame 28E5 17 KB
8 KB 426ms
135ms Document
text/html 172.98.59.21
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/v1cc8m1?pub=75zn/?autoplay=false

Requested by

Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.59.21 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

e12e6dd6cbf8d13a7d08527e8225b11080ba3bf50f1118de59a9ce20f4a34784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer: https://www.onenewspage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 14:16:23 GMT
link: <https://rumble.com/v1eyej9-max-igan-a-shift-is-happening.html>; rel="canonical"
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
vary: Accept-Encoding

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/onenewspage-network/ 82 KB
22 KB 128ms
62ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/onenewspage-network/loader.js
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 442dcd88f4bdc4ece55828688a60c1030764879891ce11b362667cf71ddac127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: v74lpBxPkRVh2UQaAqy8E7d4VBG7ugvL
content-encoding: gzip
age: 0
via: 1.1 varnish
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 6
content-length: 21723
x-amz-id-2: N2ugK6YBu8D/txdALlPmu52T4hqoljon+uw9c29TXuuAJYHY2wqgrdvSuiTcNkDQS8oT44k6jD8=
x-served-by: cache-cdg20753-CDG
last-modified: Sun, 04 Sep 2022 13:42:35 UTC
server: nginx
x-timer: S1662300983.251551,VS0,VE37
etag: "062297b2ea1256eccc066055a1a61f2d4b93cb05"
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: 6X5QPYKZRM4630CP
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Sun, 04 Sep 2022 14:16:23 GMT
abp: 9
x-cache-hits: 0

GET
H3 200 Max-Igan-Shift-is-Happening!.htm
www.onenewspage.com/video/20220806/14729083/ 9 KB
9 KB 153ms
152ms Image
text/html 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm

Requested by

Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 04 Sep 2022 14:16:22 GMT
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUnTjc7NFFqcDB5O3v1WWKx7LovjlnKE865xlwiz6dMEqQqsuX%2ByBwYFfjoWgQTBzt1kf5U8V03kTFqznjKuVw3vRvWMw2YborgNX8VQ07DkGZ0PA0Jp462ncsud4BZH7D7o8YH%2BKA0TlkxJ99XPDvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3700, s-maxage=3600, stale-while-revalidate=60, stale-if-error=31536000, max-age=60
cf-ray: 745757b8e911bb06-MXP
link: <https://video.newsserve.net/v/20220806/1659775221-Max-Igan-Shift-is-Happening!_hires.jpg>; rel=preload; as=image; nopush, <https://www.onenewspage.com/js/jquery-3.5.1.min.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/js/bootstrap.min.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/js/sticky-kit.min.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/js/owl.carousel.min.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/js/lazyload.min.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/js/SmoothScroll.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/js/20201231onp.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/js/timeago.min.js>; rel=preload; as=script; nopush, <https://www.onenewspage.com/fonts/fontawesome-free/css/20210419.min.css>; rel=preload; as=style; nopush, <https://www.onenewspage.com/css/20210601onp.css>; rel=preload; as=style; nopush, <https://www.onenewspage.com/images/2021_onp_logo_212x212.png>; rel=preload; as=image; nopush, <https://cdn.newsserve.net>; rel=preconnect , <https://video.newsserve.net>; rel=preconnect , <https://pagead2.googlesyndication.com>; rel=preconnect , <https://stats.g.doubleclick.net>; rel=preconnect , <https://bh.contextweb.com>; rel=preconnect , <https://www.gstatic.com>; rel=preconnect , <https://fonts.googleapis.com>; rel=preconnect , <https://securepubads.g.doubleclick.net>; rel=preconnect , <https://fonts.gstatic.com>; rel=preconnect , <https://googleads.g.doubleclick.net>; rel=preconnect
expires: Sun, 04 Sep 2022 14:17:22 GMT

GET
H3 200 fa-brands-400.woff2
www.onenewspage.com/fonts/fontawesome-free/webfonts/ 73 KB
73 KB 170ms
169ms Font
application/octet-stream 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/fonts/fontawesome-free/webfonts/fa-brands-400.woff2
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/fonts/fontawesome-free/css/20210419.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1afde4119681731d643192853bbbcb8e251ad415d364de687ebf8072781837d

Request headers

Referer: https://www.onenewspage.com/fonts/fontawesome-free/css/20210419.min.css
Origin: https://www.onenewspage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2623962
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 Sep 2019 14:58:36 GMT
server: cloudflare
etag: W/"24900-1231c-592acd699ff00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkXpYmM1e2yk%2FY%2FVwqFxCPYzIsZJxlcpo7LBh85xNQ3p2vSj7g9YU5lQ6J6U%2FOKFol31gbQCGK1hQHj6V4MX7xBBYJCRUlbC3BqWOr3IsvZsH%2FoDD6pGGZUjNXxegjSpdaFZYSz4SdjswMTcL0h9lP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 745757b8f915bb06-MXP
expires: Sat, 05 Aug 2023 05:23:41 GMT

GET
H3 200 RPC_pibjs.php Show response
www.onenewspage.com/ 0
493 B 291ms
290ms Script
text/html 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/RPC_pibjs.php?u=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&t=1662300983232
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EK8VSzGY%2Bg3S%2B%2Bytpk21cbDU7BFxyV1X6dqcDURHV8LTeph%2Bv5heUnSAd%2F7W0bOkn26tRRgpWZh2NH%2FxTjEJiK0DdKdw%2BQuTer6Kg3bMunA9mSqB2S5KZ8K1VplTFfHnRRU6GuUJT4U3ICaQuDh7ZzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-credentials: true
cf-ray: 745757b959fabb06-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 04 Sep 2022 14:17:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
72 KB 65ms
33ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0L9G5WJY4J&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3293590-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

749c0ea61f6f22a29c9179b30569ddf83673e775f3d04f0f18faafa2ffc4ada6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73869
x-xss-protection: 0
expires: Sun, 04 Sep 2022 14:16:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 94ms
24ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3293590-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4463
date: Sun, 04 Sep 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 04 Sep 2022 15:02:00 GMT

GET
H2 200 impl.20220901-18-RELEASE.js Show response
cdn.taboola.com/libtrc/ 681 KB
141 KB 27ms
27ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220901-18-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onenewspage-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: d4465cdc982cccbc22aff9ea594e01829c763695b45fdf9a12c2858f7d58f68f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: IQCbnMxgkiLLAZqCwik0qGW4WuUy885P
content-encoding: br
etag: "4da6c396f8e82b8b37c18539729fe7e5"
age: 27641
x-cache: HIT
content-length: 144214
x-amz-id-2: Ga25ndjbdG3cxVXBZ77dxVuou3As7rdAn/E13Z/K5OB4h5AEROx7KtWPk62w39MYGgxcMx6MPWU=
x-served-by: cache-cdg20753-CDG
last-modified: Thu, 01 Sep 2022 14:22:41 GMT
server: AmazonS3-br
x-timer: S1662300983.334852,VS0,VE1
date: Sun, 04 Sep 2022 14:16:23 GMT
vary: Accept-Encoding
x-amz-request-id: NMH6D5G5DD0HEPMX
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 70
x-cache-hits: 1

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 116ms
33ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onenewspage-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 03:40:31 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 38153
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ZD17ir_m32QUFh64rtG7WBsfBoAMu6X0ARQo8bb_7MDLR2uGH3ZxYA==

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
80 B 26ms
26ms Image
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=html_metrics_3_ctrl
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1662300983.334878,VS0,VE0
x-served-by: cache-cdg20753-CDG
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
341 B 78ms
24ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0L9G5WJY4J&gtm=2oe8v0&_p=508319689&_gaz=1&cid=1952181317.1662300983&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662300983&sct=1&seg=0&dl=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&dt=Max%20Igan%3A%20A%20Shift%20is%20Happening!%20-%20One%20News%20Page%20VIDEO&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0L9G5WJY4J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:16:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.onenewspage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
350 B 86ms
28ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0L9G5WJY4J&cid=1952181317.1662300983&gtm=2oe8v0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0L9G5WJY4J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:16:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.onenewspage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 94ms
55ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0L9G5WJY4J&cid=1952181317.1662300983&gtm=2oe8v0&aip=1&z=1797339650

Requested by

Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:16:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/ 343 KB
121 KB 301ms
133ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4985447070160925&plah=www.onenewspage.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad6ddedc5b8923c00ee689345ce8d18638b36f58b7200774d8adb8f49377d88b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123723
x-xss-protection: 0
server: cafe
etag: 14073845930234515113
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 14:16:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/ Frame B0B2 10 KB
5 KB 57ms
16ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onenewspage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 11:22:27 GMT
etag: 8616628553774171045
expires: Sun, 18 Sep 2022 11:22:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 57ms
24ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=508319689&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&ul=en-us&de=UTF-8&dt=Max%20Igan%3A%20A%20Shift%20is%20Happening!%20-%20One%20News%20Page%20VIDEO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=678503831&gjid=1970896107&cid=1952181317.1662300983&tid=UA-3293590-3&_gid=731355968.1662300983&_r=1&gtm=2ou8v0&z=1474621654

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:16:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.onenewspage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 18ms
17ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1662300983459&ns_c=UTF-8&c7=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&c8=Max%20Igan%3A%20A%20Shift%20is%20Happening!%20-%20One%20News%20Page%20VIDEO&c9=
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: SWvKHF7DWzJ_Qp2yGGKytqDO02z_3yc4xF1oXsBIYIhmjaz7TxGT2Q==
x-cache: Miss from cloudfront

GET
H3 200 invisible.js Show response
www.onenewspage.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 55C1 42 KB
15 KB 36ms
35ms Script
application/javascript 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662292800
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ae91721d9c9feee4e3e1d0f7cbd076d386a3089dbdd44e52ea0445f2de4b6bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwxpjC%2Bpk2gKUaP8q%2FyhLoU3UgdFsG98xfbhJoyalGkv7ajuI55Crili6rKct9pxenEWs4KNMIvaS5tkn8LdFYl8Ym0wSSakPHkUlm1X0wxStgmNjdJu87QSOJgtLc0Q6LP%2FbZJyaSrL3iNA6ZQLUJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 745757bafd71bb06-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 127ms
50ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3293590-3&cid=1952181317.1662300983&jid=678503831&gjid=1970896107&_gid=731355968.1662300983&_u=YADAAUAAAAAAAC~&z=839413726

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 04 Sep 2022 14:16:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.onenewspage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pica.js
www.onenewspage.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 55C1 22 KB
8 KB 42ms
42ms Other
application/javascript 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 751a66a488dc5a86880b2bbd5e8a4d730e99db3e4fd72d77324fffcaf4e82f35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIocJtdyItzWpmVYhJZIxu%2B45ijuzaUAckck79Uv4JJ%2BLPwSinoQBJGZ%2F4XleGkRZjZ%2FYQCoXrqUHB3irPrOMPqjutlnyDMQku%2BAJ3wgJreNLKhcTE4KcdzCvSTZ%2FONZ%2Fj5SwLnc3d7RJFFTAuWzNCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 745757bb4e19bb06-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame 28E5 76 KB
27 KB 136ms
135ms Script
application/javascript 172.98.59.21
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=327

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v1cc8m1?pub=75zn/?autoplay=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.59.21 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

a12a50065cb1838c2e3178ff9ae6e9c6b6306c45c9e580427cba477f0fd40585

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/v1cc8m1?pub=75zn/?autoplay=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
content-encoding: br
last-modified: Sat, 03 Sep 2022 23:26:40 GMT
server: nginx
etag: W/"6313e2b0-12e92"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security: max-age=31536000;includeSubDomains;preload

GET
H2 200 vaFgf.OvCc-small-Max-Igan-A-Shift-is-Happeni.jpg
sp.rmbl.ws/s8/1/v/a/F/g/ Frame 28E5 53 KB
53 KB 134ms
42ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/v/a/F/g/vaFgf.OvCc-small-Max-Igan-A-Shift-is-Happeni.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/v1cc8m1?pub=75zn/?autoplay=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 55ec61416209045ce56677b61465117ccb08f44f8f4b848a6ee49c3f53ef4122

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
last-modified: Sat, 06 Aug 2022 05:23:14 GMT
server: nginx
etag: "6dd437b59cb77d7f811231785c9a6a98"
x-hw: 1662300983.cds267.lo4.hn,1662300983.cds324.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=78410
accept-ranges: bytes
content-length: 54014

GET
H2 206 vaFgf.caa.mp4
sp.rmbl.ws/s8/2/v/a/F/g/ Frame 28E5 6 MB
0 197ms
108ms Media
video/mp4 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/v/a/F/g/vaFgf.caa.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/v1cc8m1?pub=75zn/?autoplay=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://rumble.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 04 Sep 2022 14:16:23 GMT
last-modified: Sat, 06 Aug 2022 06:13:03 GMT
server: nginx
access-control-allow-origin: *
etag: "101331561079f4b52208a6f2d640442b-93"
x-hw: 1662300983.cds267.lo4.hn,1662300983.cds037.lo4.c
content-type: video/mp4
Content-Range: bytes 0-483955466/483955467
cache-control: max-age=77060
accept-ranges: bytes
Content-Length: 483955467

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 96ms
53ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3293590-3&cid=1952181317.1662300983&jid=678503831&_u=YADAAUAAAAAAAC~&z=653590211

Requested by

Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:16:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 91ms
54ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3293590-3&cid=1952181317.1662300983&jid=678503831&_u=YADAAUAAAAAAAC~&z=653590211

Requested by

Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:16:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 745757b54a4cbafa Show response
www.onenewspage.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 55C1 2 B
664 B 53ms
52ms XHR
text/plain 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onenewspage.com/cdn-cgi/challenge-platform/h/g/cv/result/745757b54a4cbafa
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662292800
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWXY3QzPmWKfEYiFQvMRFOgAmSbXdbQ36aet5oom%2BX3er2C4zcUzVoZ3SndOtA6n%2BHy%2Fvie38KO9611n%2BNCrv46bn%2B5T7LHHEJEVpdHPHRW8ApRfyjrrgAtA%2Fe6GeJRGKaMkuZ0MS930IW5A%2BlMpTGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 745757beff6cbb06-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 json Show response
trc.taboola.com/onenewspage-onenewspage/trc/3/ 15 KB
6 KB 165ms
151ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/onenewspage-onenewspage/trc/3/json?tim=14%3A16%3A24.147&lti=html_metrics_3_ctrl&data=%7B%22id%22%3A498%2C%22ii%22%3A%22%2Fvideo%2F20220806%2F14729083%2Fmax-igan-shift-is-happening!.htm%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662283695616%2C%22vi%22%3A1662300984145%2C%22cv%22%3A%2220220901-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A8515%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm%22%2C%22vpi%22%3A%22%2Fvideo%2F20220806%2F14729083%2Fmax-igan-shift-is-happening!.htm%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4587%2C%22nsid%22%3A%22onenewspage-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-v2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22desktop-video%3Apub%3Donenewspage-network%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop-video%22%2C%22orig_uip%22%3A%22Desktop-video%22%2C%22cd%22%3A1229.359375%2C%22mw%22%3A471%7D%5D%2C%22cacheKey%22%3A%22video%3D%2Fvideo%2F20220806%2F14729083%2Fmax-igan-shift-is-happening!.htm%2CDesktop-video%3Ddesktop-video%3Apub%3Donenewspage-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22html_metrics_3_ctrl%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220901-18-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e73d17e5fe7f221c967e002f8ca63713e1552d5cf4bb7fb3b525948f05b75b7

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 118
date: Sun, 04 Sep 2022 14:16:24 GMT
content-encoding: gzip
server: nginx
x-timer: S1662300984.178189,VS0,VE118
x-served-by: cache-cdg20753-CDG
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.onenewspage.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 28E5 49 KB
20 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=327

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4464
date: Sun, 04 Sep 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 04 Sep 2022 15:02:00 GMT

POST
H2 200 view...1cc8m1.1miz24o
rumble.com/l/ Frame 28E5 35 B
191 B 140ms
140ms Ping
image/gif 172.98.59.21
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...1cc8m1.1miz24o?p=2.3&r=103400492&ref=https%3A%2F%2Fwww.onenewspage.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.59.21 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/embed/v1cc8m1?pub=75zn/?autoplay=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 04 Sep 2022 14:16:24 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
log-code: 3
content-type: image/gif

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 28E5 376 KB
126 KB 85ms
30ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v1cc8m1?pub=75zn/?autoplay=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128229
x-xss-protection: 0
expires: Sun, 04 Sep 2022 14:16:24 GMT

GET
H2 200 ca-pub-4985447070160925 Show response
fundingchoicesmessages.google.com/i/ 104 KB
37 KB 241ms
136ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4985447070160925?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4985447070160925&plah=www.onenewspage.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe710309411d02b1e3b754d38e786ed8b4242c38f200c00bf931ff0f53665922

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mf_eJjaCb-Ru44_E3g6KPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mf_eJjaCb-Ru44_E3g6KPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/onenewspage-onenewspage/log/3/ 0
250 B 211ms
45ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/onenewspage-onenewspage/log/3/bulk-metrics?lti=html_metrics_3_ctrl&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220901-18-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.onenewspage.com
pragma: no-cache
date: Sun, 04 Sep 2022 14:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 28E5 4 B
24 B 22ms
22ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=650094597&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fu4.v1cc8m1%2F&dr=https%3A%2F%2Fwww.onenewspage.com%2F&ul=en-us&de=UTF-8&dt=Max%20Igan%3A%20A%20Shift%20is%20Happening!%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=1140x641&je=0&_u=YEBAAEABAAAAAC~&jid=1309167634&gjid=1540632678&cid=1330484580.1662300984&tid=UA-44331619-1&_gid=1804985715.1662300984&_r=1&_slc=1&z=131717178

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:16:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 28E5 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=650094597&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fu4.v1cc8m1%2F&dr=https%3A%2F%2Fwww.onenewspage.com%2F&ul=en-us&de=UTF-8&dt=Max%20Igan%3A%20A%20Shift%20is%20Happening!%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=1140x641&je=0&ec=Embed&ea=View&el=v1cc8m1&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1330484580.1662300984&tid=UA-44331619-1&_gid=1804985715.1662300984&z=1948974130

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v1cc8m1?pub=75zn/?autoplay=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Sep 2022 21:21:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 60915
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 28E5 4 B
25 B 112ms
111ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-44331619-1&cid=1330484580.1662300984&jid=1309167634&gjid=1540632678&_gid=1804985715.1662300984&_u=YEBAAEAAAAAAAC~&z=852334670

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rumble.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 04 Sep 2022 14:16:24 GMT
content-type: text/plain
access-control-allow-origin: https://rumble.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cta-component.20220901-18-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 19 KB
5 KB 25ms
25ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20220901-18-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onenewspage-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccc44a513e2cbb17b310523bd0ce8ed05b4210de34a9dca4156881aba60dd66c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: 4Mol9AMSM43VETskA7m3PVInWoro9zci
content-encoding: gzip
etag: "40e6db885eb42ef20ac973688460769c"
age: 13
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5108
x-amz-id-2: sQ4iD4kburiBOAOy7QoPoTZ7CpwleRCTItq5JzOLp1rtDMms4POSG78N1Gk2v8XgNCZzHfaUqKA=
x-served-by: cache-cdg20753-CDG
last-modified: Thu, 01 Sep 2022 14:22:56 GMT
server: AmazonS3
x-timer: S1662300984.351418,VS0,VE1
date: Sun, 04 Sep 2022 14:16:24 GMT
vary: Accept-Encoding
x-amz-request-id: KANJK63H0Y17EYN5
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 70
x-cache-hits: 1

GET
H2 200 tb Show response
15.taboola.com/ 32 KB
9 KB 119ms
59ms XHR
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=onenewspage-onenewspage&unitType=226&tbloc=&pageType=video&pstn=Desktop-video&uuip=&cisrf=&cirf=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&encoded=1&uid=215d7ff8-ecbf-41b2-8ef1-05032cc450c6-tucta0e38b8&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1662300984340&tagid=&cntry=DE&platform=1&sesid=93aa065807e5d4f99e39d264544982cd&itemid=/video/20220806/14729083/max-igan-shift-is-happening!.htm&viewid=1662300984145&geolat=&geoing=&deviceifa=&appid=&sd=v2_93aa065807e5d4f99e39d264544982cd_215d7ff8-ecbf-41b2-8ef1-05032cc450c6-tucta0e38b8_1662300984_1662300984_CNawjgYQ1NhEGNGm8MawMCABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGjpur2xtqb7sOABcAA&ri=963d3c68b67fca3edf9fa3a5d10cb3f8&appname=&cdb=&gdprApplies=true&rid=&sii=-470088920254253358&oee=true&tpubid=1125460&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BY&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1124704&prcnt=&layer=&normp=1&gvv=8351
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220901-18-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4651ba21a63c750036ab727c39e79f9a4aa5766b1a9fb2c785a45e9b5f4ec55b

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
content-encoding: gzip
access-control-allow-origin: https://www.onenewspage.com
machineid: 1443
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-cdg20753-CDG
pragma: no-cache
server: nginx
x-timer: S1662300984.427939,VS0,VE24
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20220901-18-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 26ms
26ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220901-18-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/onenewspage-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62b94db65072277cbe04a753e028c7f9e9c9ebfccf8eea12b7037d9ef5096381

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: mNoxML6dtQpHLFZ4pZZ5NJeUrqFOc8RG
content-encoding: gzip
etag: "1f7de96e206e7be4476fcf23a47fce23"
age: 46
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5398
x-amz-id-2: Y6R42Ue4BMzbyQXW7kGW0A9bG/hVsWFbJ4rPVUhINulQnUwdA4DBi60UW03k1nahXIQOzRSFeBE=
x-served-by: cache-cdg20753-CDG
last-modified: Thu, 01 Sep 2022 14:24:02 GMT
server: AmazonS3
x-timer: S1662300984.357260,VS0,VE1
date: Sun, 04 Sep 2022 14:16:24 GMT
vary: Accept-Encoding
x-amz-request-id: CR23CMJQCYXGMJ08
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 70
x-cache-hits: 1

GET
H2 204 debug
am-trc-events.taboola.com/onenewspage-onenewspage/log/2/ 0
90 B 92ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/onenewspage-onenewspage/log/2/debug?tim=14%3A16%3A24.332&type=usage&msg=cta-_1662300984332&llvl=2&id=4350&cv=20220901-18-RELEASE&lt=html_metrics_3_ctrl&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm%22%2C%22itemId%22%3A%22~~V1~~3639762653397954882~~s7bQDhfW3zU5T%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A2%2C%22placement%22%3A%22Desktop-video%22%2C%22innerText%22%3A%2210%20GB%20LTE%20f%C3%BCr%209%2C99%20%E2%82%AC*Blau%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27104

GET
H2 204 debug
am-trc-events.taboola.com/onenewspage-onenewspage/log/2/ 0
89 B 92ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/onenewspage-onenewspage/log/2/debug?tim=14%3A16%3A24.332&type=usage&msg=cta-_1662300984332&llvl=2&id=9061&cv=20220901-18-RELEASE&lt=html_metrics_3_ctrl&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm%22%2C%22itemId%22%3A%22~~V1~~3639762653397954882~~s7bQDhfW3zU5T%22%2C%22text%22%3A%22Weiterlesen%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A2%2C%22placement%22%3A%22Desktop-video%22%2C%22innerText%22%3A%2210%20GB%20LTE%20f%C3%BCr%209%2C99%20%E2%82%AC*Blau%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27104

GET
H2 204 debug
am-trc-events.taboola.com/onenewspage-onenewspage/log/2/ 0
89 B 92ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/onenewspage-onenewspage/log/2/debug?tim=14%3A16%3A24.333&type=usage&msg=cta-_1662300984333&llvl=2&id=1568&cv=20220901-18-RELEASE&lt=html_metrics_3_ctrl&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm%22%2C%22itemId%22%3A%22~~V1~~-8675017772510825032~~OcWbbgrOXb1V%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A4%2C%22placement%22%3A%22Desktop-video%22%2C%22innerText%22%3A%22Die%20B%C3%B6rse%20ist%20kein%20SparbuchFlossbach%20von%20Storch%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27104

GET
H2 204 debug
am-trc-events.taboola.com/onenewspage-onenewspage/log/2/ 0
89 B 118ms
67ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/onenewspage-onenewspage/log/2/debug?tim=14%3A16%3A24.334&type=usage&msg=cta-_1662300984334&llvl=2&id=6002&cv=20220901-18-RELEASE&lt=html_metrics_3_ctrl&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm%22%2C%22itemId%22%3A%22~~V1~~-8675017772510825032~~OcWbbgrOXb1V%22%2C%22text%22%3A%22Weiterlesen%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A4%2C%22placement%22%3A%22Desktop-video%22%2C%22innerText%22%3A%22Die%20B%C3%B6rse%20ist%20kein%20SparbuchFlossbach%20von%20Storch%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28768

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/onenewspage-onenewspage/log/3/ 0
249 B 89ms
42ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/onenewspage-onenewspage/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=html_metrics_3_ctrl&bulkSize=5
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220901-18-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.onenewspage.com
pragma: no-cache
date: Sun, 04 Sep 2022 14:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 2e396e287f9afadce536e0b9b5f5d906.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 29ms
28ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2e396e287f9afadce536e0b9b5f5d906.png
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ad4c23e8782e5720780823209df28a9f8f7c6e6ad55b478cab6ddc387a2d6d38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Sun, 04 Sep 2022 14:16:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 5271281
edge-cache-tag: 602273645581070279816528367847824682028,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602273645581070279816528367847824682028,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 144
expiration: expiry-date="Thu, 28 Jul 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2e396e287f9afadce536e0b9b5f5d906.png
content-length: 5028
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Mon, 27 Jun 2022 11:07:55 GMT
server: nginx
x-timer: S1662300984.364329,VS0,VE4
etag: "df85827c4bbb2fc59ec836ec2c098451"
x-served-by: cache-iad-kiad7000084-IAD, cache-iad-kjyo7100027-IAD, cache-sna10737-LGB, cache-iad-kcgs7200178-IAD, cache-cdg20753-CDG
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 9186e6ce8365b0832a8219e9b4016f97.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 107ms
106ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9186e6ce8365b0832a8219e9b4016f97.png
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: eff7537d68a9d0433d28c120c35ed2b8e55f1d9b0f47d595d8098ccf75bf0ce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-vcl-time-ms: 81
date: Sun, 04 Sep 2022 14:16:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 882105
edge-cache-tag: 625688881491080587636733076917314504362,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag: 625688881491080587636733076917314504362,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 223
expiration: expiry-date="Fri, 09 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9186e6ce8365b0832a8219e9b4016f97.png
content-length: 7600
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Tue, 09 Aug 2022 14:54:48 GMT
server: nginx
x-timer: S1662300984.364383,VS0,VE81
etag: "45f1929d4a462ec66868210d17373fa5"
x-served-by: cache-iad-kjyo7100175-IAD, cache-iad-kiad7000049-IAD, cache-bur-kbur8200046-BUR, cache-iad-kiad7000168-IAD, cache-cdg20753-CDG
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 0

GET
H2 200 5152e2cd39a17d20db1c220c3e4b120e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 3 KB
4 KB 106ms
105ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5152e2cd39a17d20db1c220c3e4b120e.jpg
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c67ee99bd0e49d9c71dbc05ce1dd6e91d61aaa4f39eb51a282277242070eb1b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-vcl-time-ms: 81
date: Sun, 04 Sep 2022 14:16:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 3267467
edge-cache-tag: 595463398221182060579578443366768705222,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag: 595463398221182060579578443366768705222,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 144
expiration: expiry-date="Wed, 10 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tuttosalernitana.com/
x-cache: HIT, HIT, MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5152e2cd39a17d20db1c220c3e4b120e.jpg
content-length: 3548
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Sun, 10 Jul 2022 14:12:07 GMT
server: nginx
x-timer: S1662300984.367760,VS0,VE81
etag: "8f6e44e7ebfab643dd41a996ebbeccc3"
x-served-by: cache-iad-kcgs7200179-IAD, cache-iad-kiad7000095-IAD, cache-sna10728-LGB, cache-iad-kcgs7200070-IAD, cache-cdg20753-CDG
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0, 1, 0

GET
H2 200 5b0442c7891b88f1955ea4c6f8c6e4a9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 111ms
110ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b0442c7891b88f1955ea4c6f8c6e4a9.jpg
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d379fe32aecadb2984eda4618b35dc0e0aa9ddee71a5bdad44388b535f63320d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-vcl-time-ms: 85
date: Sun, 04 Sep 2022 14:16:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 2855338
edge-cache-tag: 600653571685811902930949369649382477501,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag: 600653571685811902930949369649382477501,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 153
expiration: expiry-date="Sat, 06 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b0442c7891b88f1955ea4c6f8c6e4a9.jpg
content-length: 9186
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Wed, 06 Jul 2022 10:09:37 GMT
server: nginx
x-timer: S1662300984.368038,VS0,VE85
etag: "62b59b81a2946e88f4df8b4da17960cf"
x-served-by: cache-iad-kiad7000171-IAD, cache-iad-kjyo7100066-IAD, cache-bur-kbur8200052-BUR, cache-iad-kcgs7200176-IAD, cache-cdg20753-CDG
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 1, 0

GET
H2 200 2493f71f680bbd718c3779c0c6124367.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 27ms
26ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2493f71f680bbd718c3779c0c6124367.jpg
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c25d9ac04c763de9528cd0a6774fa77fbd3541b7468604e3b47e507bcb7a725c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 04 Sep 2022 14:16:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 2625657
edge-cache-tag: 508280827932448481920008968209538121330,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag: 508280827932448481920008968209538121330,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 70
expiration: expiry-date="Sat, 06 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tuttosalernitana.com/
x-cache: MISS, MISS, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2493f71f680bbd718c3779c0c6124367.jpg
content-length: 10242
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Wed, 06 Jul 2022 13:13:21 GMT
server: nginx
x-timer: S1662300984.368204,VS0,VE2
etag: "6c9137e3074b0099193e2a1a792ed3f7"
x-served-by: cache-iad-kiad7000064-IAD, cache-iad-kcgs7200046-IAD, cache-lga21927-LGA, cache-iad-kjyo7100146-IAD, cache-cdg20753-CDG
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 1

GET
H2 200 e27aa15ac648da7e527a65b6933a77ad.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
12 KB 113ms
113ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e27aa15ac648da7e527a65b6933a77ad.jpg
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b45b1f54443f399081dcd0e2011ccffbc68bce9e7d631da57fcb71c5cc49d3a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-vcl-time-ms: 86
date: Sun, 04 Sep 2022 14:16:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 2780066
edge-cache-tag: 354825480599519265199289325138458034750,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag: 354825480599519265199289325138458034750,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 86
expiration: expiry-date="Thu, 01 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e27aa15ac648da7e527a65b6933a77ad.jpg
content-length: 12100
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Mon, 01 Aug 2022 13:19:25 GMT
server: nginx
x-timer: S1662300984.395273,VS0,VE86
etag: "999d5b4e165b965c2160398196171c64"
x-served-by: cache-iad-kjyo7100040-IAD, cache-iad-kiad7000047-IAD, cache-lga21934-LGA, cache-iad-kcgs7200037-IAD, cache-cdg20753-CDG
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 1, 0

GET
H3 200 bridge3.528.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame FA8B 637 KB
206 KB 80ms
19ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.528.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rumble.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 585621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210604
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 19:36:03 GMT
expires: Mon, 28 Aug 2023 19:36:03 GMT
last-modified: Fri, 26 Aug 2022 23:46:55 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 28E5 44 KB
17 KB 186ms
103ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 14:16:24 GMT

GET
H2 204 debug
am-trc-events.taboola.com/onenewspage-onenewspage/log/2/ 0
89 B 52ms
51ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/onenewspage-onenewspage/log/2/debug?tim=14%3A16%3A24.401&type=usage&msg=cta-_1662300984401&llvl=2&id=62&cv=20220901-18-RELEASE&lt=html_metrics_3_ctrl&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm%22%2C%22itemId%22%3A%22~~V1~~3639762653397954882~~s7bQDhfW3zU5T%22%2C%22text%22%3A%22Weiterlesen%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A2%2C%22placement%22%3A%22Desktop-video%22%2C%22innerText%22%3A%2210%20GB%20LTE%20f%C3%BCr%209%2C99%20%E2%82%AC*%5CnBlau%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28768

GET
H2 204 debug
am-trc-events.taboola.com/onenewspage-onenewspage/log/2/ 0
89 B 52ms
51ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/onenewspage-onenewspage/log/2/debug?tim=14%3A16%3A24.404&type=usage&msg=cta-_1662300984404&llvl=2&id=1049&cv=20220901-18-RELEASE&lt=html_metrics_3_ctrl&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm%22%2C%22itemId%22%3A%22~~V1~~-8675017772510825032~~OcWbbgrOXb1V%22%2C%22text%22%3A%22Weiterlesen%22%2C%22type%22%3A%22filter%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-filter-large_branding_width_list_suffix%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A4%2C%22placement%22%3A%22Desktop-video%22%2C%22innerText%22%3A%22Die%20B%C3%B6rse%20ist%20kein%20Sparbuch%5CnFlossbach%20von%20Storch%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28768

GET
H2 204 debug
am-trc-events.taboola.com/onenewspage-onenewspage/log/2/ 0
89 B 52ms
52ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/onenewspage-onenewspage/log/2/debug?tim=14%3A16%3A24.406&type=usage&msg=cta-_1662300984406&llvl=2&id=9964&cv=20220901-18-RELEASE&lt=html_metrics_3_ctrl&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm%22%2C%22type%22%3A%22report%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-report-fix_all_video_box_height_is_still_overflowing%22%2C%22innerText%22%3A%22Arthrose%3A%20Ein%20einfacher%20Trick%2C%20um%20Schmerzen%20einfach%20zu%20lindern%5CnNutraFlex%20Nahrungserg%C3%A4nzungsmittel%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28768

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/onenewspage-onenewspage/log/3/ 0
249 B 44ms
44ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/onenewspage-onenewspage/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=html_metrics_3_ctrl&bulkSize=3
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220901-18-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.onenewspage.com
pragma: no-cache
date: Sun, 04 Sep 2022 14:16:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 28E5 42 B
63 B 98ms
59ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44331619-1&cid=1330484580.1662300984&jid=1309167634&_u=YEBAAEAAAAAAAC~&z=1471597437

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v1cc8m1?pub=75zn/?autoplay=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:16:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame 28E5 42 B
63 B 65ms
65ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44331619-1&cid=1330484580.1662300984&jid=1309167634&_u=YEBAAEAAAAAAAC~&z=1471597437

Requested by

Host: rumble.com
URL: https://rumble.com/embed/v1cc8m1?pub=75zn/?autoplay=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rumble.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:16:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.9.2/ 103 KB
30 KB 61ms
25ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220901-18-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4052bdc457a2ebf44a0671f11a91ef88f3b70ddfc706b5ae289365877dfd7d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
via: 1.1 adb83a3a3628f104e6d1d9d74c07d92c.cloudfront.net (CloudFront), 1.1 varnish
age: 536973
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 29862
x-served-by: cache-cdg20753-CDG
last-modified: Mon, 29 Aug 2022 09:04:08 GMT
server: AmazonS3
x-timer: S1662300985.523791,VS0,VE0
etag: "9b41d4f2702a079eae60f297e3e0c705"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: CDG52-P2
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: oqLpV9_LdbCn0UCUi2hxHeNE4TslsVt-_5Y485-xAFS4X2vVjMu9IQ==
x-cache-hits: 18055

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
647 B 117ms
26ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.onenewspage.com&callback=_gfp_s_&client=ca-pub-4985447070160925

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d47de24627977982d10fe40cbbb0ae15a4620c460799aa82da8a7408dc382ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 170ms
100ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.onenewspage.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 80ms
27ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.onenewspage.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4401 93 KB
31 KB 313ms
279ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8886206350&adk=2616170555&adf=1236709610&pi=t.ma~as.8886206350&w=750&fwrn=4&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=4&bdt=375&idt=760&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&correlator=4536277881758&frm=20&pv=2&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2376&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=f0sWoWgDPL&p=https%3A//www.onenewspage.com&dtd=1188

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e416550cf9fb839b9e0ebe347e37275729bba4509b3f8eba626dc4d24188108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onenewspage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:16:24 GMT
expires: Sun, 04 Sep 2022 14:16:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 869B 80 KB
29 KB 442ms
413ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8987803811&adk=1915398834&adf=4050863620&pi=t.ma~as.8987803811&w=345&fwrn=1&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=375&idt=810&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M3bgEHGOE3&p=https%3A//www.onenewspage.com&dtd=1194

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8443fb133c418ee6d289e9154925030671535863e05229b9e4e8274f8d0685b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onenewspage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29979
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:16:25 GMT
expires: Sun, 04 Sep 2022 14:16:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 81F6 68 KB
20 KB 313ms
288ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=1069&slotname=4684115771&adk=2369831491&adf=1915577481&pi=t.ma~as.4684115771&w=345&cr_col=1&cr_row=4&lmt=1662300982&rafmt=9&psa=0&format=345x1069&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&crui=pub_control_image_card_stacked&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=374&idt=812&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2H1iP2yTvX&p=https%3A//www.onenewspage.com&dtd=1198

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca5ddc59a0cf97b651c6840f2a5a532be4bd502e3aa1cf168253ef3fb3c43fc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onenewspage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 20937
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:16:24 GMT
expires: Sun, 04 Sep 2022 14:16:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8028 24 KB
1 KB 210ms
188ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&adk=1812271804&adf=3025194257&lmt=1662300982&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&ea=0&pra=7&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=2&bdt=374&idt=814&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280%2C345x1069&nras=1&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=1201

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a111570f7b52650f56ea88bde2a636f2cdc5159442a92c43c798ae88d07d1dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onenewspage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 1481
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:16:24 GMT
expires: Sun, 04 Sep 2022 14:16:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxUy9Yf2s4vHYMPoHhT-bwzrL8NJWYWafN5-raCSWngDliho2lakV7kL3AgKPDR4JXR61LRWFVUWGWeQj4ibFtI= Show response
fundingchoicesmessages.google.com/f/ 6 KB
3 KB 77ms
44ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUy9Yf2s4vHYMPoHhT-bwzrL8NJWYWafN5-raCSWngDliho2lakV7kL3AgKPDR4JXR61LRWFVUWGWeQj4ibFtI=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYyMzAwOTg0LDYxOTAwMDAwMF0sIjU2NjBEODY4LUUzOEEtNDJGNi05OTNBLTYxMEVFNjhBNzRDRiIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly93d3cub25lbmV3c3BhZ2UuY29tL3ZpZGVvLzIwMjIwODA2LzE0NzI5MDgzL01heC1JZ2FuLVNoaWZ0LWlzLUhhcHBlbmluZyEuaHRtIixudWxsLFtdXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VrZiRpDyRAQ.es5.O/d=1/rs=AJlcJMzJI-Scy3r4KuzcfVPAE1igGfSgnQ/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4da6bbaea4f040947644ef2b15d28437e461623399ccfdcf3747a790c9a6040

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3OKsMxsNKoRrozCrCh3Ksg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-3OKsMxsNKoRrozCrCh3Ksg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Sun, 04 Sep 2022 14:16:24 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXf7YnNCBs3wXkF_AAvUsXr1cIq5Iu78yM4Lsx71NKJTXipHXUVtQOdgd-cVw0mEVO_ybFarsp6gM3WlzU9ZYknN44yMgdUDOas8aHHux9IkhMA3zchdRxUgCy57ReuYfftHHvwKw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 66ms
32ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXf7YnNCBs3wXkF_AAvUsXr1cIq5Iu78yM4Lsx71NKJTXipHXUVtQOdgd-cVw0mEVO_ybFarsp6gM3WlzU9ZYknN44yMgdUDOas8aHHux9IkhMA3zchdRxUgCy57ReuYfftHHvwKw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WNOFOGNllu_RbtdipsmzKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.onenewspage.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-WNOFOGNllu_RbtdipsmzKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxX1CwevjoefmQaon9oYfCHBj3pJR2XeNsneiZAotCep1l_ShixpXbqkcbSmPLl_j4pgjBrq3zVcMkr890hurLfYqvGrqxTBF4CmL-fSfe1AqeD8sxXkr279Jt3cgzLyXLIbKCClHA== Show response
fundingchoicesmessages.google.com/f/ 17 KB
7 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX1CwevjoefmQaon9oYfCHBj3pJR2XeNsneiZAotCep1l_ShixpXbqkcbSmPLl_j4pgjBrq3zVcMkr890hurLfYqvGrqxTBF4CmL-fSfe1AqeD8sxXkr279Jt3cgzLyXLIbKCClHA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYyMzAwOTg0LDcwNjAwMDAwMF0sIjU2NjBEODY4LUUzOEEtNDJGNi05OTNBLTYxMEVFNjhBNzRDRiIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxXSwiaHR0cHM6Ly93d3cub25lbmV3c3BhZ2UuY29tL3ZpZGVvLzIwMjIwODA2LzE0NzI5MDgzL01heC1JZ2FuLVNoaWZ0LWlzLUhhcHBlbmluZyEuaHRtIixudWxsLFtdXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e9387b3291b43f880a8ea516dc697287c61574c6b49c4529ee3217bf0cad18f1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yoJTzbiJtJbI3w0rB7Ka-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yoJTzbiJtJbI3w0rB7Ka-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame B2F1 928 B
544 B 37ms
35ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66256635&crid=5895835&dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&cmcv=&pix=undefined&cb=1662300984882&uv=3221&tms=1662300984882&abt=inc_all_video_vA!Noappq22_vC!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=82850d74-cb81-4923-9a31-841ee8a368fe&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cee951f16e0c0a2483c94e07da6adfd3b4549ce3279979a6c9c054b4f4d7c1cf

Request headers

Referer: https://www.onenewspage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Sun, 04 Sep 2022 14:16:24 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-cdg20753-CDG
x-timer: S1662300985.902381,VS0,VE11

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 3FD4 928 B
1013 B 73ms
25ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 66447cfc636542b4acdb280f4d41993dd18718ba71c208ef9b74f24ca508353d

Request headers

Referer: https://www.onenewspage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sun, 04 Sep 2022 14:16:24 GMT
machineid: 3401
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
819 B 183ms
136ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=311&height=174&pubid=169497&tagid=953497&crid=5895835&noaop=5&sortOrderType=0&cb=1662300984888&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1477&pt=359342805&tz=0&viewable=true&ddast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2348605&dpubid=295675&abtst=inc_all_video_vA!Noappq22_vC!t45!tvrReverse1_vB!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.onenewspage.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: becc5b70362a71d6951f71eceaff9fd3a89fce23f8e4885d00be7371860c102a

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
content-encoding: gzip
access-control-allow-origin: https://www.onenewspage.com
machineid: 1462
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-cdg20753-CDG
pragma: no-cache
server: nginx
x-timer: S1662300985.951802,VS0,VE112
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 97ms
25ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66256635&crid=5895835&dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&cmcv=&pix=31589837&cb=1662300984882&uv=3221&tms=1662300984882&abt=inc_all_video_vA!Noappq22_vC!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1662300982520.2!ts:1662300984882&mntl=1
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:24 GMT
content-length: 0
server: nginx

GET
H2 200 css
fonts.googleapis.com/ Frame 4401 8 KB
1 KB 114ms
44ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8886206350&adk=2616170555&adf=1236709610&pi=t.ma~as.8886206350&w=750&fwrn=4&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=4&bdt=375&idt=760&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&correlator=4536277881758&frm=20&pv=2&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2376&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=f0sWoWgDPL&p=https%3A//www.onenewspage.com&dtd=1188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 13:33:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 14:16:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 14:16:25 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 4401 2 KB
983 B 86ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:06:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 4401 23 KB
10 KB 67ms
15ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:12:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4401 0
0 63ms
62ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKSqTOLMUY_29Kbe01fAPzuaP6ATBoJqZbM-wjsvIEJaCzYWIFhABIPXGuANgleKQgqAHoAGhlfLtAsgBCakC1oYXkBazsD6oAwHIA8uEgAKqBLUCT9Cu1-jogRgV4yDBS1BGydfuPMgWemS2g6XAMUoc-1NitZqaf8WslHn-omga4zai2pqPynloe93GYvk1QBZfY3Th0-rPjoNnfeuO73pGAEuXcJ042-m7NgSME7KchBMyQ6emVF9w5FfAGxZlX7RV_kN9AlOyzP2t4hnPsta-gFVEjpnjX9eAteAmZmYj8szrCXQ2dEjNwjDLKJYvBDQSwuHtfctkU9Xm7D4RLFE2sOmeCW9qLecsyzZaAgf4dqaLD4V7yVqSt0XP-Hand41lwvqvQSzUHnTvmHxyxk3AKHIK_efrUht4ai0Nu4Wbj3bY8JHDmIA7FrQ2nK9cDXXPBq0vyZef6bbWaBeF11h21XUaVtDQfRgFxyG4_5zjxNZHBn_8wVtbTvvoajE2-dYgRemhnXl-wASN3aHfiwSSBQQIBBgBkgUECAUYBKAGLoAHx-qNkgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC-lwLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00OTg1NDQ3MDcwMTYwOTI1GAA&sigh=KcGOFzZ5m2U&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8886206350&adk=2616170555&adf=1236709610&pi=t.ma~as.8886206350&w=750&fwrn=4&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=4&bdt=375&idt=760&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&correlator=4536277881758&frm=20&pv=2&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2376&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=f0sWoWgDPL&p=https%3A//www.onenewspage.com&dtd=1188
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 04 Sep 2022 14:16:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Sep 2022 14:16:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 4401 3 KB
1 KB 75ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:12:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4401 142 KB
44 KB 76ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:16:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 4401 17 KB
8 KB 58ms
17ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:08:19 GMT

GET
H2 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame 4401 33 KB
14 KB 124ms
83ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 13:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 19:26:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 13:15:13 GMT

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame B2F1 43 B
183 B 373ms
107ms Image
image/gif 2600:1f18:612b:4264:562f:45f1:d263:2a9f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66256635&crid=5895835&dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&cmcv=&pix=undefined&cb=1662300984882&uv=3221&tms=1662300984882&abt=inc_all_video_vA!Noappq22_vC!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=82850d74-cb81-4923-9a31-841ee8a368fe&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:562f:45f1:d263:2a9f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B2F1 70 B
265 B 140ms
40ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66256635&crid=5895835&dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&cmcv=&pix=undefined&cb=1662300984882&uv=3221&tms=1662300984882&abt=inc_all_video_vA!Noappq22_vC!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=82850d74-cb81-4923-9a31-841ee8a368fe&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:16:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame B2F1
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=28e8584d-2c5c-11ed-9643-1eddb0c50306&orig=video&us_privacy=1---gdpr=1&

0
98 B

68ms
24ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=28e8584d-2c5c-11ed-9643-1eddb0c50306&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66256635&crid=5895835&dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&cmcv=&pix=undefined&cb=1662300984882&uv=3221&tms=1662300984882&abt=inc_all_video_vA!Noappq22_vC!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=82850d74-cb81-4923-9a31-841ee8a368fe&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28237

Redirect headers

Date: Sun, 04 Sep 2022 14:16:25 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=28e8584d-2c5c-11ed-9643-1eddb0c50306&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 48
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame B2F1
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-TH8pgq5E2uHpbuLsdtDQnDbdlzJU6mu9Al.yB.I-~A

0
98 B

185ms
24ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-TH8pgq5E2uHpbuLsdtDQnDbdlzJU6mu9Al.yB.I-~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66256635&crid=5895835&dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&cmcv=&pix=undefined&cb=1662300984882&uv=3221&tms=1662300984882&abt=inc_all_video_vA!Noappq22_vC!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=82850d74-cb81-4923-9a31-841ee8a368fe&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 31998

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-TH8pgq5E2uHpbuLsdtDQnDbdlzJU6mu9Al.yB.I-~A
date: Sun, 04 Sep 2022 14:16:25 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame B2F1 43 B
220 B 144ms
17ms Image
image/gif 52.57.12.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66256635&crid=5895835&dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&cmcv=&pix=undefined&cb=1662300984882&uv=3221&tms=1662300984882&abt=inc_all_video_vA!Noappq22_vC!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=82850d74-cb81-4923-9a31-841ee8a368fe&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.12.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-12-251.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:16:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5826709250813818495/ Frame 4401 20 KB
20 KB 68ms
35ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5826709250813818495/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c74210c6fbbed7af7c82b7d3277e3fb39a4cb0237b4e5e5da2229a7e78803ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 09:09:27 GMT
x-content-type-options: nosniff
age: 536817
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20619
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 13:18:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 29 Aug 2023 09:09:27 GMT

GET
DATA 200
OK truncated
/ Frame 4401 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4401 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 0e36d09df9ff74ac9a9a8e304d461f4b.js Show response
www.gstatic.com/mysidia/ Frame 81F6 10 KB
4 KB 109ms
87ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0e36d09df9ff74ac9a9a8e304d461f4b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=1069&slotname=4684115771&adk=2369831491&adf=1915577481&pi=t.ma~as.4684115771&w=345&cr_col=1&cr_row=4&lmt=1662300982&rafmt=9&psa=0&format=345x1069&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&crui=pub_control_image_card_stacked&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=374&idt=812&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2H1iP2yTvX&p=https%3A//www.onenewspage.com&dtd=1198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a5dc38cec076d349128944270877cc436cf084bb9ea8130ad55a644c40b35f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 13:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4500
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 19:26:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 13:15:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 81F6 2 KB
936 B 56ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=1069&slotname=4684115771&adk=2369831491&adf=1915577481&pi=t.ma~as.4684115771&w=345&cr_col=1&cr_row=4&lmt=1662300982&rafmt=9&psa=0&format=345x1069&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&crui=pub_control_image_card_stacked&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=374&idt=812&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2H1iP2yTvX&p=https%3A//www.onenewspage.com&dtd=1198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:06:16 GMT

GET
H2 200 62d0a223bbf42150c8ef2ea95c54930b.js Show response
www.gstatic.com/mysidia/ Frame 81F6 22 KB
9 KB 109ms
88ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/62d0a223bbf42150c8ef2ea95c54930b.js?tag=exit_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=1069&slotname=4684115771&adk=2369831491&adf=1915577481&pi=t.ma~as.4684115771&w=345&cr_col=1&cr_row=4&lmt=1662300982&rafmt=9&psa=0&format=345x1069&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&crui=pub_control_image_card_stacked&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=374&idt=812&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2H1iP2yTvX&p=https%3A//www.onenewspage.com&dtd=1198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84c692f5b218c59f2066d6a392f426aa7862a0f573a24835d95edca6d26fd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 02:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9299
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 01:10:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 02:39:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 81F6 23 KB
9 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=1069&slotname=4684115771&adk=2369831491&adf=1915577481&pi=t.ma~as.4684115771&w=345&cr_col=1&cr_row=4&lmt=1662300982&rafmt=9&psa=0&format=345x1069&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&crui=pub_control_image_card_stacked&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=374&idt=812&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2H1iP2yTvX&p=https%3A//www.onenewspage.com&dtd=1198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:12:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 81F6 3 KB
1 KB 44ms
16ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=1069&slotname=4684115771&adk=2369831491&adf=1915577481&pi=t.ma~as.4684115771&w=345&cr_col=1&cr_row=4&lmt=1662300982&rafmt=9&psa=0&format=345x1069&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&crui=pub_control_image_card_stacked&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=374&idt=812&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2H1iP2yTvX&p=https%3A//www.onenewspage.com&dtd=1198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:09:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81F6 142 KB
44 KB 76ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=1069&slotname=4684115771&adk=2369831491&adf=1915577481&pi=t.ma~as.4684115771&w=345&cr_col=1&cr_row=4&lmt=1662300982&rafmt=9&psa=0&format=345x1069&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&crui=pub_control_image_card_stacked&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=374&idt=812&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2H1iP2yTvX&p=https%3A//www.onenewspage.com&dtd=1198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:16:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 81F6 17 KB
7 KB 51ms
31ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=1069&slotname=4684115771&adk=2369831491&adf=1915577481&pi=t.ma~as.4684115771&w=345&cr_col=1&cr_row=4&lmt=1662300982&rafmt=9&psa=0&format=345x1069&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&crui=pub_control_image_card_stacked&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=374&idt=812&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2H1iP2yTvX&p=https%3A//www.onenewspage.com&dtd=1198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:08:19 GMT

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 3FD4 43 B
182 B 349ms
107ms Image
image/gif 2600:1f18:612b:4264:562f:45f1:d263:2a9f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:562f:45f1:d263:2a9f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3FD4 70 B
264 B 116ms
41ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:16:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 3FD4
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=28f3c2e2-2c5c-11ed-8180-1bf9ad920206&orig=video&us_privacy=1---gdpr=1&

0
98 B

59ms
23ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=28f3c2e2-2c5c-11ed-8180-1bf9ad920206&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28237

Redirect headers

Date: Sun, 04 Sep 2022 14:16:25 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=28f3c2e2-2c5c-11ed-8180-1bf9ad920206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 138
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 3FD4 43 B
220 B 134ms
17ms Image
image/gif 52.57.12.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.12.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-12-251.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:16:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 3FD4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-F_93_zBE2uEBFdlyf0MjLNf9UO8rIiZXi0w8EZk-~A

0
98 B

186ms
25ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-F_93_zBE2uEBFdlyf0MjLNf9UO8rIiZXi0w8EZk-~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 31998

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-F_93_zBE2uEBFdlyf0MjLNf9UO8rIiZXi0w8EZk-~A
date: Sun, 04 Sep 2022 14:16:25 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
DATA 200
OK truncated
/ Frame 4401 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 224b545c48a4d06757fc2d20f7b7164c5ec65153767650a7aed54b210423c6b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 869B 6 KB
672 B 58ms
25ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8987803811&adk=1915398834&adf=4050863620&pi=t.ma~as.8987803811&w=345&fwrn=1&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=375&idt=810&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M3bgEHGOE3&p=https%3A//www.onenewspage.com&dtd=1194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 13:37:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 14:16:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 14:16:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 869B 2 KB
902 B 82ms
47ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8987803811&adk=1915398834&adf=4050863620&pi=t.ma~as.8987803811&w=345&fwrn=1&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=375&idt=810&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M3bgEHGOE3&p=https%3A//www.onenewspage.com&dtd=1194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:06:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 869B 23 KB
9 KB 51ms
16ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8987803811&adk=1915398834&adf=4050863620&pi=t.ma~as.8987803811&w=345&fwrn=1&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=375&idt=810&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M3bgEHGOE3&p=https%3A//www.onenewspage.com&dtd=1194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 13:58:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 869B 3 KB
1 KB 40ms
15ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8987803811&adk=1915398834&adf=4050863620&pi=t.ma~as.8987803811&w=345&fwrn=1&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=375&idt=810&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M3bgEHGOE3&p=https%3A//www.onenewspage.com&dtd=1194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:09:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 869B 17 KB
7 KB 54ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8987803811&adk=1915398834&adf=4050863620&pi=t.ma~as.8987803811&w=345&fwrn=1&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=375&idt=810&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M3bgEHGOE3&p=https%3A//www.onenewspage.com&dtd=1194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:15:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 869B 142 KB
44 KB 64ms
30ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8987803811&adk=1915398834&adf=4050863620&pi=t.ma~as.8987803811&w=345&fwrn=1&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=375&idt=810&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M3bgEHGOE3&p=https%3A//www.onenewspage.com&dtd=1194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:16:25 GMT

GET
H3 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame 869B 33 KB
13 KB 49ms
17ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8987803811&adk=1915398834&adf=4050863620&pi=t.ma~as.8987803811&w=345&fwrn=1&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=375&idt=810&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M3bgEHGOE3&p=https%3A//www.onenewspage.com&dtd=1194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 13:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 19:26:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 13:15:13 GMT

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/32_2_1/infra/ 725 KB
124 KB 49ms
16ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_2_1/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8e5222350bd22079ba76a819e20ccea6be4235110a4b8cebd33564fdda18cab7

Request headers

Referer: https://www.onenewspage.com/
Origin: https://www.onenewspage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
via: 1.1 varnish
age: 536856
x-amz-meta-mtime: 1661763973
x-cache: HIT
x-amz-meta-ctime: 1661763975
x-amz-meta-mode: 33188
content-encoding: br
content-length: 126712
x-amz-id-2: UqIOectxORRsy1fzSz1D2lWFJ5P06vEogkblf2DtjwEnPW22hjM6QkzunByn49W34XTZTGmo/HQ=
x-served-by: cache-hhn4064-HHN
accept-ranges: bytes
last-modified: Mon, 29 Aug 2022 09:06:16 GMT
server: AmazonS3-br
x-timer: S1662300985.128539,VS0,VE0
etag: "5f22089507fa10d5707ce2727a7dc3e8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: MQC8X2EQAWM8H23W
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 53983

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_2_1/assets/css/ 63 KB
9 KB 25ms
25ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_2_1/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
via: 1.1 varnish
age: 536858
x-amz-meta-mtime: 1661764028
x-cache: HIT
x-amz-meta-ctime: 1661764029
x-amz-meta-mode: 33188
content-encoding: br
content-length: 8297
x-amz-id-2: 0bvhOVcqXvwZE1SHatstIhdvLvAzJ3pxw9am2I8c5aTwkHTOTPs9EWfjG9W6MbQ30R3Hl7q9c30=
x-served-by: cache-cdg20753-CDG
accept-ranges: bytes
last-modified: Mon, 29 Aug 2022 09:07:10 GMT
server: AmazonS3-br
x-timer: S1662300985.100362,VS0,VE0
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 8NTH8R765WQSD308
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 200510

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 869B 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEOo6OLMUY8PYKuGV1fAP8ICn4AfBoJqZbM-wjsvIEPSQyPuaAhABIPXGuANgleKQgqAHoAGhlfLtAsgBCakC1oYXkBazsD6oAwHIA8sEqgS4Ak_Q7KY6uVXxyiyd1ZCnUF391bvjfKOrrPiBJMQ8Wwr50zcBbZOwmCRLdNEJkpoyZYTNq306E_tE_aV7RjmdtO-FIC1VHJ4hfB8riQc0mXdWbKsdJppeZ39bLidmqx3L8HJMHiSQjcotPT7oopfsbNwi5qKGXuqPCZHJffeC9d74edGNYpYk0h6EOKUunJeEsbzQT5ZJfWgJ1BvGEKzwVejJ_CidJAHyCTPNPI5SoHH_se1ij9T5svHRQDPuUMKYunPqjywg0lxCzYE8tjOlhDAMsgv-43d2H16Of155cxj3wco9iBM_xUM2T7PdS1X7Zz_cg0K-cmS7RTtVbUMJ6z1cKtgGO1ap0wVN8YMOx54wp8yhpMLcMKlZA76M_a65PPlx3IJiJ7pR6bi5u9bAXzGjlF_TGXca2cAEjd2h34sEkgUECAQYAZIFBAgFGASgBi6AB8fqjZIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3vkF0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMN0BUBmBYBgBcBshccChoIABIUcHViLTQ5ODU0NDcwNzAxNjA5MjUYAA&sigh=BcmnHL9MxTs&uach_m=[UACH]&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8987803811&adk=1915398834&adf=4050863620&pi=t.ma~as.8987803811&w=345&fwrn=1&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=375&idt=810&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M3bgEHGOE3&p=https%3A//www.onenewspage.com&dtd=1194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8987803811&adk=1915398834&adf=4050863620&pi=t.ma~as.8987803811&w=345&fwrn=1&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=375&idt=810&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M3bgEHGOE3&p=https%3A//www.onenewspage.com&dtd=1194
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 04 Sep 2022 14:16:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4401 28 KB
28 KB 59ms
18ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 322771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 20:36:54 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5826709250813818495/ Frame 869B 20 KB
20 KB 41ms
21ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5826709250813818495/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8987803811&adk=1915398834&adf=4050863620&pi=t.ma~as.8987803811&w=345&fwrn=1&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=375&idt=810&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M3bgEHGOE3&p=https%3A//www.onenewspage.com&dtd=1194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c74210c6fbbed7af7c82b7d3277e3fb39a4cb0237b4e5e5da2229a7e78803ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 09:09:27 GMT
x-content-type-options: nosniff
age: 536818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20619
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 13:18:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 29 Aug 2023 09:09:27 GMT

GET
DATA 200
OK truncated
/ Frame 869B 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8704688159398100792/ Frame 81F6 55 KB
55 KB 34ms
29ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8704688159398100792/downsize_200k_v1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=1069&slotname=4684115771&adk=2369831491&adf=1915577481&pi=t.ma~as.4684115771&w=345&cr_col=1&cr_row=4&lmt=1662300982&rafmt=9&psa=0&format=345x1069&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&crui=pub_control_image_card_stacked&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=374&idt=812&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2H1iP2yTvX&p=https%3A//www.onenewspage.com&dtd=1198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1e0babe6e6f4b6c2667285f60b4b4d2a13233d5cbc3fa3ea9491515808305d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:45:52 GMT
x-content-type-options: nosniff
age: 361833
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56027
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:13:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 09:45:52 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 81F6 72 KB
72 KB 285ms
284ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=1069&slotname=4684115771&adk=2369831491&adf=1915577481&pi=t.ma~as.4684115771&w=345&cr_col=1&cr_row=4&lmt=1662300982&rafmt=9&psa=0&format=345x1069&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&crui=pub_control_image_card_stacked&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=374&idt=812&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2H1iP2yTvX&p=https%3A//www.onenewspage.com&dtd=1198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=1069&slotname=4684115771&adk=2369831491&adf=1915577481&pi=t.ma~as.4684115771&w=345&cr_col=1&cr_row=4&lmt=1662300982&rafmt=9&psa=0&format=345x1069&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&crui=pub_control_image_card_stacked&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=374&idt=812&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2H1iP2yTvX&p=https%3A//www.onenewspage.com&dtd=1198
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23331
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 81F6 0
0 67ms
66ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COD_NOLMUY8iGKYWe1fAPwemI0AqyqtH8ar_O0dWWEPP3gI36LxABIPXGuANgleKQgqAHoAH0xJCfAsgBBqgDAcgDAqoExAJP0PAV2ucZWCbEPtA5cJMbyvSaxzDUsGh213ax3KSnF0PFEfCZIVNLaGtjpgFoNSIqupPvXo3RZF_NznQdoulr1fmZge7IcYX5quQldSnmTGbyuaDM0P25DUln4sB-yoOJkH7DyIPoc019BpxkzygHTgv-Wexo4UqHMKWP7Rs7t5I9YvVQ4EOMzGxn1SyZmxAs_ckSZkHwamH8Lvg7ki4uXYjZ48ObWiRy_6Xl_LPqoNmy-PT81wF95RfJbAJXKehcGZoo9zrOeTtK2jNF2N5KZyZHeyWXJ5-mvmXtTBxBZnaUydOGz3cQ4oMeaefs4gLmsqfP92L83EiXP7w6uy2ltZ_Q-CPCeb0nPtjEewJXRQ7xSrEcBgiV9FY4fje3qm0SEfK10Oo9D3mdek8X5Ajs1fF1fABnUk88JXg21m8g5IgdmJrABLnsw5uQBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfEpvLgAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEOA80ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNDk4NTQ0NzA3MDE2MDkyNRgA&sigh=rhWWGTA-7nU&uach_m=[UACH]&template_id=492

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=1069&slotname=4684115771&adk=2369831491&adf=1915577481&pi=t.ma~as.4684115771&w=345&cr_col=1&cr_row=4&lmt=1662300982&rafmt=9&psa=0&format=345x1069&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&crui=pub_control_image_card_stacked&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=374&idt=812&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2H1iP2yTvX&p=https%3A//www.onenewspage.com&dtd=1198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=1069&slotname=4684115771&adk=2369831491&adf=1915577481&pi=t.ma~as.4684115771&w=345&cr_col=1&cr_row=4&lmt=1662300982&rafmt=9&psa=0&format=345x1069&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&crui=pub_control_image_card_stacked&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=374&idt=812&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C345x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=2162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2H1iP2yTvX&p=https%3A//www.onenewspage.com&dtd=1198
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 04 Sep 2022 14:16:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 869B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 632d07eedff2c41430cd3be28e3a57fc192468a60abedcd5a22e1391c7415101

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 81F6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f42c11edae05ec91eb4ead37ff76211850c8dc5b4a53668aa3473f9717094e16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 60F7 36 KB
15 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 11:16:20 GMT

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v14.7.7/ 426 KB
85 KB 28ms
28ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.7.7/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_2_1/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 376dd78b0a9611070abca5b4dca8c5497cc263a969779273d20c3ee9a1d01711

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
via: 1.1 varnish
age: 371878
x-amz-meta-mtime: 1661929036
x-cache: HIT
x-amz-meta-ctime: 1661929049
x-amz-meta-mode: 33188
content-encoding: br
content-length: 86596
x-amz-id-2: B/SuMqVOPFmaEY99X5qNmXE/iJ1h5+Bir49xHobPlAEeX9/iBfNMf07JmQsnuGXy17VYRYUtwYM=
x-served-by: cache-cdg20753-CDG
accept-ranges: bytes
last-modified: Wed, 31 Aug 2022 06:57:30 GMT
server: AmazonS3-br
x-timer: S1662300985.304910,VS0,VE0
etag: "dc6f9c508a655c577be225354b665441"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: TK9QZST7BY47341M
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 155693

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 6050 928 B
1013 B 27ms
26ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_2_1/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 66447cfc636542b4acdb280f4d41993dd18718ba71c208ef9b74f24ca508353d

Request headers

Referer: https://www.onenewspage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sun, 04 Sep 2022 14:16:25 GMT
machineid: 3402
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 62ms
26ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.onenewspage.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
via: 1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront), 1.1 varnish
age: 641484
x-amz-meta-mtime: 1497790207
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-cdg20753-CDG
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1662300985.367637,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: video/mp4
access-control-allow-headers: *
x-amz-cf-id: O_0RZADpuu9ZB6Sw-rua-VZDmr-5cGG8AEXJuMqjWWxxTgOBxH9ZeA==
x-cache-hits: 156758

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 869B 15 KB
16 KB 53ms
18ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 509493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 869B 15 KB
15 KB 49ms
16ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 509800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 16:39:45 GMT

POST
H2 204 bulk Show response
trc.taboola.com/onenewspage-onenewspage/log/3/ 0
291 B 37ms
37ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/onenewspage-onenewspage/log/3/bulk?route=AM%3AAM%3AV&lti=html_metrics_3_ctrl&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220901-18-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 12
pragma: no-cache
date: Sun, 04 Sep 2022 14:16:25 GMT
via: 1.1 varnish
server: nginx
x-timer: S1662300985.398036,VS0,VE12
x-served-by: cache-cdg20753-CDG
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.onenewspage.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 6050 43 B
182 B 109ms
109ms Image
image/gif 2600:1f18:612b:4264:562f:45f1:d263:2a9f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:562f:45f1:d263:2a9f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6050 70 B
264 B 43ms
43ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:16:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 6050
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=28f3c2e2-2c5c-11ed-8180-1bf9ad920206&orig=video&us_privacy=1---gdpr=1&

0
98 B

24ms
24ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=28f3c2e2-2c5c-11ed-8180-1bf9ad920206&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 26899

Redirect headers

Date: Sun, 04 Sep 2022 14:16:25 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=28f3c2e2-2c5c-11ed-8180-1bf9ad920206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 137
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 6050 43 B
220 B 19ms
18ms Image
image/gif 52.57.12.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.12.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-12-251.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:16:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 6050
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-TH8pgq5E2uHpbuLsdtDQnDbdlzJU6mu9Al.yB.I-~A

0
98 B

23ms
23ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-TH8pgq5E2uHpbuLsdtDQnDbdlzJU6mu9Al.yB.I-~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 29060

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-TH8pgq5E2uHpbuLsdtDQnDbdlzJU6mu9Al.yB.I-~A
date: Sun, 04 Sep 2022 14:16:25 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A52D 36 KB
15 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4985447070160925&output=html&h=280&slotname=8987803811&adk=1915398834&adf=4050863620&pi=t.ma~as.8987803811&w=345&fwrn=1&fwrnh=100&lmt=1662300982&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fwww.onenewspage.com%2Fvideo%2F20220806%2F14729083%2FMax-Igan-Shift-is-Happening!.htm&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662300983414&bpp=1&bdt=375&idt=810&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=4536277881758&frm=20&pv=1&ga_vid=1952181317.1662300983&ga_sid=1662300985&ga_hid=508319689&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C44770880&oid=2&pvsid=1489802935848688&tmod=541642836&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=M3bgEHGOE3&p=https%3A//www.onenewspage.com&dtd=1194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 11:16:20 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
708 B 26ms
25ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.onenewspage.com
URL: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 18099
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: zDuIcdt6S3stmzYEfDXrVDdNiMz2/9b67ArEVSE+q2VR4x9Mp+wDNkBA2o6YRkq7ELRmLKpGRJk=
x-served-by: cache-cdg20753-CDG
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1662300985.452768,VS0,VE0
date: Sun, 04 Sep 2022 14:16:25 GMT
x-amz-request-id: YPR93VMR3A8JGEX4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 70
x-cache-hits: 1726

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 316ms
159ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220831&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7d4e24937bd1729e639ec6f1f9cc2789d2cb9d20cea69247fb02f87ff58d3b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10964
x-xss-protection: 0

POST
H3 200 rum Show response
www.onenewspage.com/cdn-cgi/ 0
169 B 77ms
43ms XHR
text/plain 2606:4700:3033::ac43:938a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onenewspage.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:938a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.onenewspage.com/video/20220806/14729083/Max-Igan-Shift-is-Happening!.htm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
content-type: application/json

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.onenewspage.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 745757c81f5ebb06-MXP
vary: Origin

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 34ms
33ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.030664705008474

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vXnVGNQLYRnk7I6FaJUcRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-vXnVGNQLYRnk7I6FaJUcRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
x-frame-options: SAMEORIGIN
date: Sun, 04 Sep 2022 14:16:25 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 38ms
37ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=7.771375914071905

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-QlOyFRyG7stHgqUs64ihvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: image/gif
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-QlOyFRyG7stHgqUs64ihvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWVX2ttyUfCvX5UtupOVfo24aVnGP6r0rX5piJ1w4YwPb8FbYzoKDH5J4Qds2fx8H4kbD1g2oxWCVTdMR2kWSp9G0Xb0pfIXRh0Gsv6WkAVKXQGYzHDg4SwBs5G1n5PYCRJf77rYw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 29ms
29ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWVX2ttyUfCvX5UtupOVfo24aVnGP6r0rX5piJ1w4YwPb8FbYzoKDH5J4Qds2fx8H4kbD1g2oxWCVTdMR2kWSp9G0Xb0pfIXRh0Gsv6WkAVKXQGYzHDg4SwBs5G1n5PYCRJf77rYw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rfNUisR3XSUDInQkM0xn9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.onenewspage.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-rfNUisR3XSUDInQkM0xn9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:16:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F2A8 13 KB
5 KB 18ms
16ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onenewspage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 13:55:49 GMT
expires: Mon, 04 Sep 2023 13:55:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A889 783 B
537 B 28ms
27ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d14b13ba1a41f52c612003fe16d2235f5db502804483147f22d47536968bce2f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3jOZIJYQboH5n8hDjjXV5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onenewspage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-3jOZIJYQboH5n8hDjjXV5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:16:26 GMT
expires: Sun, 04 Sep 2022 14:16:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A889 0
0 164ms
163ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220831&jk=1489802935848688&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F2A8 36 KB
15 KB 132ms
132ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 11:16:20 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F2A8 0
10 B 15ms
15ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FC85iw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 869B 42 B
64 B 143ms
142ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmnvACwm6e8SFA7Yvk7nrHwwSNTd4-1p7kyiB6EpCXhCQlPpawK5_5hhc_rYBsXbw50QjJXOpcURr5_NOMGEy9dtHWz3BOgqKCsJsg8mXkPz_NfNPgqSojaH17uPirUCYu8tYN3g&sai=AMfl-YTDPgh1YbecDGLnYvCGYNAPRzAeBhodg9-U11LBsna7E9MHyA3A-F0CQpd-jXFrRI6vdWVIqv7xjG0p&sig=Cg0ArKJSzP8D2Y6GB7CKEAE&id=lidar2&mcvt=1000&p=0,0,280,345&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=22&adk=1915398834&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662300984609&rpt=781&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:16:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 advs_actv. Show response
fundingchoicesmessages.google.com/f/AGSKWxWq2X2ITzWK9flG5fLQS9FhatYlk95sTTTW4sTHloHMml6qJMmDyjZRF0cqtQVP-MqCSs8nPVbNT8ZWFN7xEsOFhM7o2Yb_cf9VAoxWQyaYAqlxPrKzICcJMxtkvuseVLfJI49LKkHeo_UOa3E4QDeWn7UrV... 54 B
109 B 29ms
28ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWq2X2ITzWK9flG5fLQS9FhatYlk95sTTTW4sTHloHMml6qJMmDyjZRF0cqtQVP-MqCSs8nPVbNT8ZWFN7xEsOFhM7o2Yb_cf9VAoxWQyaYAqlxPrKzICcJMxtkvuseVLfJI49LKkHeo_UOa3E4QDeWn7UrVNX1vU5WXRhpgDLlTvD_yo739EK_CTJu/_/showadvert./ad_rectangle_/728x90banner./adfoxLoader_/advs_actv.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VrZiRpDyRAQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzJI-Scy3r4KuzcfVPAE1igGfSgnQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ebd5678eab937997f10ae8df14e4e4a457dc99f02c972e2ae3615d4d0a82cec

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ttfxmJtEstgaU2OePOao6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ttfxmJtEstgaU2OePOao6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Sun, 04 Sep 2022 14:16:26 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
9 KB 149ms
149ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87db7952f6b0c476eda69d55beacf9cd60f50f8f804ddd85311743856dc1f245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9502
x-xss-protection: 0
server: cafe
etag: 381710168485792314
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 15:10:44 GMT

POST
H3 204 AGSKWxWVX2ttyUfCvX5UtupOVfo24aVnGP6r0rX5piJ1w4YwPb8FbYzoKDH5J4Qds2fx8H4kbD1g2oxWCVTdMR2kWSp9G0Xb0pfIXRh0Gsv6WkAVKXQGYzHDg4SwBs5G1n5PYCRJf77rYw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 34ms
34ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWVX2ttyUfCvX5UtupOVfo24aVnGP6r0rX5piJ1w4YwPb8FbYzoKDH5J4Qds2fx8H4kbD1g2oxWCVTdMR2kWSp9G0Xb0pfIXRh0Gsv6WkAVKXQGYzHDg4SwBs5G1n5PYCRJf77rYw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WKGMU9ppUhEUA1UUpCERRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:16:26 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.onenewspage.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-WKGMU9ppUhEUA1UUpCERRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWVX2ttyUfCvX5UtupOVfo24aVnGP6r0rX5piJ1w4YwPb8FbYzoKDH5J4Qds2fx8H4kbD1g2oxWCVTdMR2kWSp9G0Xb0pfIXRh0Gsv6WkAVKXQGYzHDg4SwBs5G1n5PYCRJf77rYw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
33ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWVX2ttyUfCvX5UtupOVfo24aVnGP6r0rX5piJ1w4YwPb8FbYzoKDH5J4Qds2fx8H4kbD1g2oxWCVTdMR2kWSp9G0Xb0pfIXRh0Gsv6WkAVKXQGYzHDg4SwBs5G1n5PYCRJf77rYw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sVrjKpngEXnAd4JUz4T-VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:16:26 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.onenewspage.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sVrjKpngEXnAd4JUz4T-VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWVX2ttyUfCvX5UtupOVfo24aVnGP6r0rX5piJ1w4YwPb8FbYzoKDH5J4Qds2fx8H4kbD1g2oxWCVTdMR2kWSp9G0Xb0pfIXRh0Gsv6WkAVKXQGYzHDg4SwBs5G1n5PYCRJf77rYw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 32ms
32ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWVX2ttyUfCvX5UtupOVfo24aVnGP6r0rX5piJ1w4YwPb8FbYzoKDH5J4Qds2fx8H4kbD1g2oxWCVTdMR2kWSp9G0Xb0pfIXRh0Gsv6WkAVKXQGYzHDg4SwBs5G1n5PYCRJf77rYw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aIm1zBgvcr02FTXjOni-Hg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:16:26 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www.onenewspage.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aIm1zBgvcr02FTXjOni-Hg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWVX2ttyUfCvX5UtupOVfo24aVnGP6r0rX5piJ1w4YwPb8FbYzoKDH5J4Qds2fx8H4kbD1g2oxWCVTdMR2kWSp9G0Xb0pfIXRh0Gsv6WkAVKXQGYzHDg4SwBs5G1n5PYCRJf77rYw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 34ms
34ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWVX2ttyUfCvX5UtupOVfo24aVnGP6r0rX5piJ1w4YwPb8FbYzoKDH5J4Qds2fx8H4kbD1g2oxWCVTdMR2kWSp9G0Xb0pfIXRh0Gsv6WkAVKXQGYzHDg4SwBs5G1n5PYCRJf77rYw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rEOoKDeXgXGfFXO3OQEmKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:16:26 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www.onenewspage.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-rEOoKDeXgXGfFXO3OQEmKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW9aQnq_gflKfrdpip4UnUn0d3naUWJNAtQZvC0wwIZFkwg6PHR9uuDryObOLOz5Lsiq_BQbhKtM6LRhravfYCoKRlA1gLksTUFkLJnwcDShJMwFmWYX_j4UBdyBlXC8NPyxEA9yQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW9aQnq_gflKfrdpip4UnUn0d3naUWJNAtQZvC0wwIZFkwg6PHR9uuDryObOLOz5Lsiq_BQbhKtM6LRhravfYCoKRlA1gLksTUFkLJnwcDShJMwFmWYX_j4UBdyBlXC8NPyxEA9yQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYyMzAwOTg2LDYyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm9uZW5ld3NwYWdlLmNvbS92aWRlby8yMDIyMDgwNi8xNDcyOTA4My9NYXgtSWdhbi1TaGlmdC1pcy1IYXBwZW5pbmchLmh0bSIsbnVsbCxbXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed05971a38adba61ff8bb8e7a29a6092d3f6a07e45f23ff3b015bacfe8847870

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-okm286p2fEC8ckQiemzSog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:16:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-okm286p2fEC8ckQiemzSog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVqE0X9gvQHzvHV5bfqcMw5o65D2r4BIcK4KwtRlgnlUIzQ7YSgE014DII-zMYN4M3O93xaLn7_DU-2szAy1nuODSNY7gnZVEvHpMBHmXCu6w32OsiSxjYN6BlHtJm0kjXv5mkvdg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 34ms
33ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVqE0X9gvQHzvHV5bfqcMw5o65D2r4BIcK4KwtRlgnlUIzQ7YSgE014DII-zMYN4M3O93xaLn7_DU-2szAy1nuODSNY7gnZVEvHpMBHmXCu6w32OsiSxjYN6BlHtJm0kjXv5mkvdg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a6hUzmLNN2U-AkdfUk68XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:16:26 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www.onenewspage.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-a6hUzmLNN2U-AkdfUk68XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 132ms
131ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220831&jk=1489802935848688&bg=!Q0ClQATNAAZTikH4c4o7ACkAdvg8WuvqD4zoKenTpOAM2JADJcwB7UNg5pHYq73FyCr03OOkKXyF_QIAAABeUgAAAAloAQcKAL3Ip5YhzzQrjAAEqMkz7J2kJrHUvXwU8OBBMmc47AUCIA66y4WscR5gFPe1sbtC4oF4KmFoCEOGRDrHZ-KI2GQgjZf7fBjcRMg-Bf1YES3OrHyhDW6zV6Asos_Vz0MZPjnPUgPUyEvabe9AEovPzfeajmkrXatn6ELRzKieBCNHBT59gVGMlhIaY37P2pJmPsAVGzkcxJCIGoSn0lQKSYr2NxtlmOn4y3-PP7NHHwssLknRBksjepvzmMUFxfyZArTOw3Lko8mp6_ZAf9YepL5DDzyELdZRYS0px_m6q7b7psPii29-EGmNGIy48GPnpvwJGvKiI_hUwM2BnY8Kt3bfBgMqIRkPRl5oNOx_J0du0AUW6sdOjU1YeQy8wIfeDOr_yIp8G6uW2JqpU3n0wjCi_jdy1fgBCwB9z0aQFt42Jto7EWR4w-oQGffzQNh7CXPSe09fptor4h5d_6YETqrTfTvl1rubq6rXmc23AduG1___1lFcr8g9RETJPXd0bx38Tl3YLU3IYOjw2DFFYjWISWoVTTOjCpzeKcrMTJcReuut0Yv4Twbq6Mno_S-2ma7_usLCM8ejAbfzg1ebdwjibwCDuVpeEu3MjlNwpB0aFvr6zTnwP_y-eFjx5meMV98goyV3c664_8eLiJ5OBuCokO4BMlcg_HBtcYPaIEbn1ecRzPJGDmH6KgFTHvwmD2o4bq5K9Yga0PmBEOa6goTWD7wSz0Q9hcPeLPCj8F-HfgeGG_hqSnYmvJQ1GK2QN08Ku6--ZMWnxa-JycyJcrvJ32qEbtmejcIGTKDoWeT7jEJGJoPwQB0OzpDhZMrHxwqppr3SVSW6vHAnn_s_OG0R064trJDCGwwd9rZLatmlnE2n4O84bG2HrhkFtKX0GAdnUigfch51W1pioRu5D02bsL7516b_Fq7B0hLPiip9IDlIAWwghbp3V6X7bfUViusE0fHRCnz-9rKcbyEK95_o5xwCPx13AB353bTtcfpP4vekZwV9zLn028nM44RApNcDUIzLsh6bNYSLsjFg7e5UjG_Vhoopylxj4OYEjzLlsJ-5T8OhdUzjhWgG_HH1i8zZiWP3Sgz8BZhwCZTqjOI_PakGDw8nfm9p_ow46F0kknz4fYc6wBDJkK7cn9fvzbVwpLb1BuCl50uEQI7-SijEXEpSgw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onenewspage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
775 B 158ms
158ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=311&height=174&pubid=169497&tagid=953497&crid=5895835&noaop=5&sortOrderType=0&cb=1662300990413&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1477&pt=-779367554&tz=0&viewable=true&ddast=V7m6gCFgOnWK7GEN8VrwSnWK7GEN8VrwUAAAAGBuIHJDgZrgYj32itsRgXa9FyslkrF57FWjharFzGhWc2nLmMQCIzy2o4HG7WuuVu5RbNfCu3crWyrWW-iXHmmLlmC4dzCg3E8nxNf8Nb9jS5_G6gQtPp8Lnu9brf7663u-wu3-fw8LnsGr_bL3uaXH6_ZDCZDIaD2V4x2k2Wg-Fmr2YY30qew-7WFJ0201vpeQsZhsPL7rT7HHKh6W0HAAAAgAeALPtNiB9AAIAIAAAAAAkAAAAAioCKfwuBCwAAAAAMgAOZJA0AKI6Ddt09p5flHwAADw8gAAACGCQABIL7JQAj1j0nAAAAAAAAAAAs_____zED8v77MgP3Xpc9AA8-AA9EBaNFjAAAAACCNxwUjiZ1QmVRBQBAkG4FcAUAEDCIwE0hFwYAAEAwtkAPi99vdtg1frfLAAAAAAAAAADM_s_-0YSerhXSgOhR7NV-AQEA1n4BAQDYwg0A4E0ALugIWjEYrC4gZgcAAABw9____68HkpuFwzBbDQe7lWtkmjmXK89yZJmNVqPRcjjZmLzHRDtlK5G77NTXQCzP1_Q3vGVPk8tvvwlbjFaTyWY5nC0Xk8FwNByN9jcQg9UAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZLEa-WY241rlsdjcosXEshaubI61YDXYTDYe02qwsa1Fr4_pYVh5hhPjFgUDpvYiuEgnervL7vJ9Dg-fy623u-wu3-fw8LksYonmZJFOZJd9c7NwGGar4WC3co1MM-dy5VmOLLPRajRaDicbk7-yWI18M5txrfJYbG7RYmJZC1c2x1qwGmwmG49pNdjY1qLXx_QwrDzDiXHfmM0mm8FgORztG7PZZDMYLIejfYfO8F19zkZjTnTx6Dy2cc3wvTkMCpfB4v1JTItpd3bw_H5Hp079UhZ1RuHle_QaFJ6DRzW8Lpfh6XHxbf4MCsfBoIglgtNFOpE9TS6_RSyRPC3SiXK2GXk2tuHEtpt5HJ6VyeacOTwL18gx2Fg8M-NELFGaLtKJXvY0ufx-yWAyGQwHs71itJssB8PNXu0wvpU-h92tOTptprfS8xY6DIeX3Wn3OeRC09ui_iNDLDdzyW6uGM0Vg1UCAAAAAAAAAFjCnHkTAAAAgNNAlqvZbrVcgAgWKt2f1a-sLCr1tt38PHTPjzJ76eLGjy_e7rK7fJ_Dw-dy6-0uu8v3OTx8LisDRKSAMW_2TBBrtVrWAAAAAtgAAAAB3Lp5Cwiz5PaBqCzNzMzMzPgJcLNaDA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2348605&dpubid=295675&abtst=Noappq22_vC!inc_all_video_vA!t45!tvrReverse1_vB!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.onenewspage.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: becc5b70362a71d6951f71eceaff9fd3a89fce23f8e4885d00be7371860c102a

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:16:30 GMT
content-encoding: gzip
access-control-allow-origin: https://www.onenewspage.com
machineid: 1406
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-cdg20753-CDG
pragma: no-cache
server: nginx
x-timer: S1662300990.431544,VS0,VE134
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 perf
am-trc-events.taboola.com/onenewspage-onenewspage/log/3/ 0
249 B 27ms
24ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/onenewspage-onenewspage/log/3/perf?route=AM%3AAM%3AV&lti=html_metrics_3_ctrl
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220901-18-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onenewspage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.onenewspage.com
pragma: no-cache
date: Sun, 04 Sep 2022 14:16:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onenewspage.com/	1970-01-20 15:21:00	Name: _ga_0L9G5WJY4J Value: GS1.1.1662300983.1.0.1662300983.60.0.0
.onenewspage.com/	1970-01-20 15:21:00	Name: _ga Value: GA1.2.1952181317.1662300983
.onenewspage.com/	1970-01-20 05:46:27	Name: _gid Value: GA1.2.731355968.1662300983
.onenewspage.com/	1970-01-20 05:45:01	Name: _gat_gtag_UA_3293590_3 Value: 1
.onenewspage.com/	1970-01-20 05:45:02	Name: __cf_bm Value: d7iNOvKbjE1TV9B1kGcImM5dC4sw0zNy_7t0.7x406M-1662300984-0-AWm3vrAYjeBxhlfRo9aK2yq6jxIFiDwsZagteVIea/5RCR0HWo3ov+cIXdQBLOxS83brhoTJO0J2tY8Qw30OUvXjU9DJWpgp0F9naURA9J+D8AfkDrnLpt74t2u0UR91CA==
.rumble.com/	1970-01-20 15:21:00	Name: _ga Value: GA1.2.1330484580.1662300984
.rumble.com/	1970-01-20 05:46:27	Name: _gid Value: GA1.2.1804985715.1662300984
.rumble.com/	1970-01-20 05:45:01	Name: _gat_rumble Value: 1
www.onenewspage.com/	1970-01-20 14:30:36	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D215d7ff8-ecbf-41b2-8ef1-05032cc450c6-tucta0e38b8
.onenewspage.com/	1970-01-20 15:06:36	Name: __gads Value: ID=fa674d59c2ce72f0-22d8b93111ce00d2:T=1662300984:RT=1662300984:S=ALNI_MZyb9YRBs51CR0ULLQOhGOfiKgeRg
.doubleclick.net/	1970-01-20 15:06:36	Name: IDE Value: AHWqTUnZl1lhFoAAy74ZYhONbASt76Oa3Qr66dCrzP90KvZ44cQi9ZhMkU8lQdFwXHc
.doubleclick.net/	1970-01-20 05:45:01	Name: test_cookie Value: CheckForPermission
.analytics.yahoo.com/	1970-01-20 14:30:36	Name: IDSYNC Value: 195y~26z2
.yahoo.com/	1970-01-20 14:30:58	Name: A3 Value: d=AQABBDmzFGMCENNRadiVwov_g-3u6Wr3XjYFEgEBAQEEFmMeYwAAAAAA_eMAAA&S=AQAAAq80BOTrlub6hi3cMBMMaNM
.spotxchange.com/	1970-01-20 06:25:20	Name: audience Value: 28f3c2e2-2c5c-11ed-8180-1bf9ad920206
.onenewspage.com/	1970-01-20 14:30:36	Name: FCNEC Value: [["AKsRol_5QujLWJmfjQjeotzv0VeslYfzlH0nAxlOe4TsEjN_Zxf7wS0gvx564NVrYFYsD8_q3Duyv2bm2XwfyUca4evj6qckEM2bjmqM15exKuno2TZDGUstt-quCYoHcCbugzwl772k6lqib9QzvMAbnbtTPf2J1Q=="],null,[]]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
cdn.taboola.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
region1.analytics.google.com
rumble.com
s0.2mdn.net
sb.scorecardresearch.com
sp.rmbl.ws
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.search.spotxchange.com
sync.taboola.com
taboola-supply-partners.tremorhub.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
video.newsserve.net
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.onenewspage.com
x.bidswitch.net
13.32.121.37
141.226.228.48
142.250.181.226
15.197.193.217
151.101.65.44
151.139.128.11
172.98.59.21
18.156.0.31
185.94.180.126
2001:4860:4802:34::36
2600:1f18:612b:4264:562f:45f1:d263:2a9f
2606:4700:3032::6815:5c0f
2606:4700:3033::ac43:938a
2606:4700:440e::6812:2fe6
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2004
2a00:1450:4001:831::2006
2a00:1450:400c:c07::9d
52.57.12.251
0176092cab47e7b4a4998bfdaec0ebd46f9d93eed1e932a02aff6987834ea2ac
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0949d7c871a48d5a4d1f5a86b4bb4bfd7f37958653a02009a8260028a4f87867
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
0e5cc0e72c3b89f5345e3e04ae5db4fbcb91daff763a05f6fbc1d0783f90918d
21e4b36c8ff9685816c32854027a548a59af9ab7f1dc33fc3893dc5be1b0f87e
224b545c48a4d06757fc2d20f7b7164c5ec65153767650a7aed54b210423c6b2
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c30eaf6a99cbfc3f723d1b7becf6c5617e7c9b4f11b8ab3fae76dfb8adfdd79
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
376dd78b0a9611070abca5b4dca8c5497cc263a969779273d20c3ee9a1d01711
380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8
3b1e0babe6e6f4b6c2667285f60b4b4d2a13233d5cbc3fa3ea9491515808305d
3c276a9c094495f11466b5aaedf043dc9f54d8ef3499941df8317880ee036699
3e416550cf9fb839b9e0ebe347e37275729bba4509b3f8eba626dc4d24188108
3ebd5678eab937997f10ae8df14e4e4a457dc99f02c972e2ae3615d4d0a82cec
4052bdc457a2ebf44a0671f11a91ef88f3b70ddfc706b5ae289365877dfd7d75
442dcd88f4bdc4ece55828688a60c1030764879891ce11b362667cf71ddac127
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4651ba21a63c750036ab727c39e79f9a4aa5766b1a9fb2c785a45e9b5f4ec55b
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
505d9b3074db90b6fcd6d986967a191e500ffd37d8ef0f3d76d6800d581613f6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ec61416209045ce56677b61465117ccb08f44f8f4b848a6ee49c3f53ef4122
5629aebfa220435bc1b51a9b18af8d487cc13e3892ea459b64a0186af6ca64ea
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5e73d17e5fe7f221c967e002f8ca63713e1552d5cf4bb7fb3b525948f05b75b7
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b94db65072277cbe04a753e028c7f9e9c9ebfccf8eea12b7037d9ef5096381
632d07eedff2c41430cd3be28e3a57fc192468a60abedcd5a22e1391c7415101
66447cfc636542b4acdb280f4d41993dd18718ba71c208ef9b74f24ca508353d
6c7e019de017ab41b74f5183b07e22ae7f768d120e5826ab682c745e70a31a88
738465a35668cea4cf13644bbaf6eeb18dfe494d6941a242d138ee87280c8a9c
749c0ea61f6f22a29c9179b30569ddf83673e775f3d04f0f18faafa2ffc4ada6
751a66a488dc5a86880b2bbd5e8a4d730e99db3e4fd72d77324fffcaf4e82f35
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7d73df125b6991b7a8b208099692eca05b549d0fb7ad9546fe3823749ca6fbaf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c692f5b218c59f2066d6a392f426aa7862a0f573a24835d95edca6d26fd4d6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87db7952f6b0c476eda69d55beacf9cd60f50f8f804ddd85311743856dc1f245
8a5dc38cec076d349128944270877cc436cf084bb9ea8130ad55a644c40b35f5
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae91721d9c9feee4e3e1d0f7cbd076d386a3089dbdd44e52ea0445f2de4b6bc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5222350bd22079ba76a819e20ccea6be4235110a4b8cebd33564fdda18cab7
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9e9caa35261591338460d1ce140a0f6807ba8eab9c7056ca6b239a6e6c4a3614
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a111570f7b52650f56ea88bde2a636f2cdc5159442a92c43c798ae88d07d1dde
a12a50065cb1838c2e3178ff9ae6e9c6b6306c45c9e580427cba477f0fd40585
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
ad4c23e8782e5720780823209df28a9f8f7c6e6ad55b478cab6ddc387a2d6d38
ad6ddedc5b8923c00ee689345ce8d18638b36f58b7200774d8adb8f49377d88b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b45b1f54443f399081dcd0e2011ccffbc68bce9e7d631da57fcb71c5cc49d3a1
b4da6bbaea4f040947644ef2b15d28437e461623399ccfdcf3747a790c9a6040
becc5b70362a71d6951f71eceaff9fd3a89fce23f8e4885d00be7371860c102a
c25d9ac04c763de9528cd0a6774fa77fbd3541b7468604e3b47e507bcb7a725c
c67ee99bd0e49d9c71dbc05ce1dd6e91d61aaa4f39eb51a282277242070eb1b2
c74210c6fbbed7af7c82b7d3277e3fb39a4cb0237b4e5e5da2229a7e78803ba4
c7d4e24937bd1729e639ec6f1f9cc2789d2cb9d20cea69247fb02f87ff58d3b0
ca3cd09c654dda72c31b5c668675220794bce187289eca46873eaf38d505f3f6
ca5ddc59a0cf97b651c6840f2a5a532be4bd502e3aa1cf168253ef3fb3c43fc2
ccc44a513e2cbb17b310523bd0ce8ed05b4210de34a9dca4156881aba60dd66c
cee951f16e0c0a2483c94e07da6adfd3b4549ce3279979a6c9c054b4f4d7c1cf
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d14b13ba1a41f52c612003fe16d2235f5db502804483147f22d47536968bce2f
d1afde4119681731d643192853bbbcb8e251ad415d364de687ebf8072781837d
d379fe32aecadb2984eda4618b35dc0e0aa9ddee71a5bdad44388b535f63320d
d4465cdc982cccbc22aff9ea594e01829c763695b45fdf9a12c2858f7d58f68f
d47de24627977982d10fe40cbbb0ae15a4620c460799aa82da8a7408dc382ed3
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dc3c4438932c08049825bbbfb17a850a1103187658f5bb7f5e6f3a80a2f91d3d
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e12e6dd6cbf8d13a7d08527e8225b11080ba3bf50f1118de59a9ce20f4a34784
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
e9387b3291b43f880a8ea516dc697287c61574c6b49c4529ee3217bf0cad18f1
e9bca797e35294210a471d8fedbcb73598cecbdb14fc19b93eae0f1b5ccffdf5
ed05971a38adba61ff8bb8e7a29a6092d3f6a07e45f23ff3b015bacfe8847870
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff7537d68a9d0433d28c120c35ed2b8e55f1d9b0f47d595d8098ccf75bf0ce7
f42c11edae05ec91eb4ead37ff76211850c8dc5b4a53668aa3473f9717094e16
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8443fb133c418ee6d289e9154925030671535863e05229b9e4e8274f8d0685b
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe710309411d02b1e3b754d38e786ed8b4242c38f200c00bf931ff0f53665922

www.onenewspage.com Open in urlscan Pro 2606:4700:3033::ac43:938a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

170 Requests

96 %HTTPS

69 %IPv6

23 Domains

44 Subdomains

31 IPs

5 Countries

2624 kBTransfer

13360 kBSize

16 Cookies

20 Outgoing links

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.onenewspage.com Open in urlscan Pro
2606:4700:3033::ac43:938a Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

96 %
HTTPS

69 %
IPv6

23
Domains

44
Subdomains

31
IPs

5
Countries

2624 kB
Transfer

13360 kB
Size

16
Cookies

170 HTTP transactions
6 data transactions