www.halqat.news Open in urlscan Pro
2606:4700:3037::ac43:ccfb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.halqat.news/read331/?rand&hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5o...
Effective URL:
https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5...
Submission: On March 16 via manual (March 16th 2023, 1:23:43 pm UTC) from IL — Scanned from DE

Summary HTTP 139 Redirects Behaviour Indicators

Summary

This website contacted 43 IPs in 8 countries across 31 domains to perform 139 HTTP transactions. The main IP is 2606:4700:3037::ac43:ccfb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.halqat.news.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 2nd 2023. Valid for: a year.

This is the only time www.halqat.news was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2606:4700:303... 2606:4700:3037::ac43:ccfb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:680c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
2	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	52.200.140.242 52.200.140.242	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	141.95.4.196 141.95.4.196	16276 (OVH) (OVH)
1	54.164.120.100 54.164.120.100	14618 (AMAZON-AES) (AMAZON-AES)
26	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2 2	52.208.99.252 52.208.99.252	16509 (AMAZON-02) (AMAZON-02)
5	52.86.99.111 52.86.99.111	14618 (AMAZON-AES) (AMAZON-AES)
1 1	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1	2603:c020:400... 2603:c020:400d:3000:bf17:cd18:9a23:846c	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 2	2.16.238.19 2.16.238.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.196.150.187 54.196.150.187	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1 1	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.126.125.209 104.126.125.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
3	3.65.209.188 3.65.209.188	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
6 8	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3 7	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 5	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
4	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
1 2	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	54.82.181.0 54.82.181.0	() ()
139	43

9 2606:4700:3037::ac43:ccfb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.halqat.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:c::5c7b:680c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

feed.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.200.140.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-140-242.compute-1.amazonaws.com

servt.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.4.196 (France)

ASN16276 (OVH, FR)
PTR: ip196.ip-141-95-4.eu

storage.de.cloud.ovh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.120.100 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-120-100.compute-1.amazonaws.com

serv.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.99.252 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-99-252.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.86.99.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-99-111.compute-1.amazonaws.com

servs.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.45 (Castricum, Netherlands) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.238.19 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-19.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.196.150.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-150-187.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.202.187 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.126.125.209 (Haarlem, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-125-209.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.223.115 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.65.209.188 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-209-188.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.211.132 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.24 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.181.0 (None, )

ASN- ()

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	267 KB
24	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 310	282 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 272	104 KB
9	modoro360.com tg1.modoro360.com — Cisco Umbrella Rank: 140166 servt.modoro360.com — Cisco Umbrella Rank: 150482 serv.modoro360.com — Cisco Umbrella Rank: 176694 servs.modoro360.com — Cisco Umbrella Rank: 258191	13 KB
9	halqat.news 1 redirects www.halqat.news	34 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524	5 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	5 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 939 eus.rubiconproject.com — Cisco Umbrella Rank: 526 token.rubiconproject.com — Cisco Umbrella Rank: 531 pixel.rubiconproject.com — Cisco Umbrella Rank: 317	12 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	50 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	173 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 305 fonts.googleapis.com — Cisco Umbrella Rank: 34	36 KB
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 285	436 B
3	aniview.com player.aniview.com — Cisco Umbrella Rank: 1994 sync.aniview.com — Cisco Umbrella Rank: 1964 track1.aniview.com	122 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	avplayer.com feed.avplayer.com — Cisco Umbrella Rank: 22034 player.avplayer.com — Cisco Umbrella Rank: 14043 content1.avplayer.com — Cisco Umbrella Rank: 23716	78 KB
2	adform.net 1 redirects track.adform.net — Cisco Umbrella Rank: 3946	1 KB
2	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2237 vpaid.vidoomy.com — Cisco Umbrella Rank: 3698	19 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 617	1 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 675	773 B
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 457 image6.pubmatic.com — Cisco Umbrella Rank: 717	6 KB
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1462	350 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 706
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 857	315 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 547	665 B
1	technoratimedia.com sync.technoratimedia.com — Cisco Umbrella Rank: 1308
1	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 497	276 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 271
1	ovh.net storage.de.cloud.ovh.net — Cisco Umbrella Rank: 191182	15 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8720	531 B
1	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 145702	7 KB
0	Failed function sub() { [native code] }. Failed
139	31

	Domain	Requested by
26	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com www.halqat.news pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.halqat.news a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com googleads.g.doubleclick.net
10	s0.2mdn.net	a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com www.halqat.news s0.2mdn.net
9	www.halqat.news	1 redirects www.halqat.news
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com www.halqat.news pagead2.googlesyndication.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	servs.modoro360.com	player.aniview.com vid.vidoomy.com
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net www.halqat.news
4	a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.googletagservices.com	jscdn.greeter.me www.halqat.news a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
3	www.gstatic.com	www.halqat.news a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
3	x.bidswitch.net
3	fonts.googleapis.com	www.halqat.news a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
2	track.adform.net	1 redirects a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	ads.stickyadstv.com	1 redirects player.aniview.com
2	ad.360yield.com	2 redirects
2	www.google.com	1 redirects tpc.googlesyndication.com
2	servt.modoro360.com	www.halqat.news
2	fonts.gstatic.com	fonts.googleapis.com
1	track1.aniview.com	player.aniview.com
1	rtb.openx.net
1	pixel.rubiconproject.com
1	vpaid.vidoomy.com	vid.vidoomy.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	image6.pubmatic.com	ads.pubmatic.com
1	onetag-sys.com	player.aniview.com
1	csync.loopme.me	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	vid.vidoomy.com	player.aniview.com
1	sync.aniview.com	player.aniview.com
1	bh.contextweb.com	1 redirects
1	sync.technoratimedia.com	player.aniview.com
1	sync.1rx.io	1 redirects
1	ups.analytics.yahoo.com	player.aniview.com
1	ads.pubmatic.com	player.aniview.com
1	serv.modoro360.com	player.aniview.com
1	player.aniview.com	player.avplayer.com
1	content1.avplayer.com	www.halqat.news
1	storage.de.cloud.ovh.net	www.halqat.news
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	player.avplayer.com	tg1.modoro360.com
1	feed.avplayer.com	tg1.modoro360.com
1	tg1.modoro360.com	www.halqat.news
1	jscdn.greeter.me	www.halqat.news
1	ajax.googleapis.com	www.halqat.news
0	us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif Failed	player.aniview.com
139	51

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-02-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
greeter.me E1	`2023-02-14` - `2023-05-15`	3 months	crt.sh
wl1.aniview.com R3	`2023-02-23` - `2023-05-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.avplayer.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-08-08` - `2023-09-08`	a year	crt.sh
*.adservrs.com Amazon RSA 2048 M01	`2023-02-22` - `2023-05-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
storage.de.cloud.ovh.net Sectigo RSA Domain Validation Secure Server CA	`2023-01-25` - `2024-01-25`	a year	crt.sh
*.aniview.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-14` - `2023-08-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-15` - `2023-09-15`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
Frame ID: 9E6801DCEAC8180B5EF36A637205359A
Requests: 39 HTTP requests in this frame

Frame: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F6BED0198FC73832D387BD514EE34F97
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4
Frame ID: B967CF4F28BCFD721970BD2307ED29C9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0820D87B8385EE932CE46D5D00079AE3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D8887391539132C4CE269B91850D37FC
Requests: 2 HTTP requests in this frame

Frame: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8A17F3C65F8668F99DCDA2971CFC1DCF
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1678973018405-943813335787-001192-003-003148%26key%3D
Frame ID: 3E7E1D683926813DC3ADDDD8B97245F7
Requests: 2 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 766E50FD9905AF5BB958B816C8A60D49
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1678973018405-943813335787-001192-003-003148&key=8ef4cfdc-b14c-4751-b882-fc930d8f2d6d
Frame ID: F035E45FEA1B34298616DF834433DD7D
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1678973018405-943813335787-001192-003-003148&key=OPTOUT
Frame ID: A40C0BE0ECD91D9DBA6DBD7DB0A939B5
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1678973018405-943813335787-001192-003-003148&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1678973018405-943813335787-001192-003-003148%26key%3D%5BUSER_ID%5D
Frame ID: 500D25809D8CA404383C910FEC2128AC
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1678973018405-943813335787-001192-003-003148&key=ajQezX06W0OE&ev=1&us_privacy=1---&pid=562704
Frame ID: 42ACFAB214CCE0D5815EE497DD4518BC
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=c3662b2b82681c6b624c48aad232b14&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: E3337BB55DB098C35392D297B3124527
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: FEF05AC094886C980DF90943D1EAD284
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1678973018405-943813335787-001192-003-003148&key=a6f37f0123013099a595be2217fc435a
Frame ID: 01D51209CFC47D6E81872847A2BA388F
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 09E11AA117AF29D9AC0C3D069ABA6D57
Requests: 3 HTTP requests in this frame

Frame: https://us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/?gdpr=1&gdpr_consent=&us_privacy=1---&coppa=0&puid=1678973018405-943813335787-001192-003-003148&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D57%26auid%3D1678973018405-943813335787-001192-003-003148%26key%3D%24%7BUID%7D
Frame ID: 498C12262E2A8A5899F6E8BB6B2E739D
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1678973018405-943813335787-001192-003-003148&key=e0f1aff4-88c8-4415-869d-210ace899bf2&gdpr_consent=null&gdpr=1
Frame ID: 3E13D4EEFFED01C9B4B2C0CF7875E64A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 930960B74BB10CD397E2CFE56F17AEEB
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E76C8B7D11686831572B753B7AA30CBD
Requests: 7 HTTP requests in this frame

Frame: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D299FBBE84F1AE089633864D090AA6BB
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FB252B08E2B3DC503CF4E80D79E2EBE9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYxO_X4AEwAQ&v=APEucNUt0UZLzW-sQZCjI_Ss3ZrLZaXtqCBc_EmKoGgl_6MiSdBixdyHR_Gi5Bm4GdXTTy5zWtPeLdqg--UQz4TWxBVDEgleRdzdSzGul2uP76jJ2B_fyGRdi6VOSz76_7C078WsH6B428n0r2mCz0cp1MCze9eEG9T7tE8ZJn80lu2kyCpoWkY
Frame ID: C784D03E9C6CBF59060E0E72BC0BD06B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js
Frame ID: 97C3CEF1DF382DC744A0B7D77280ADCD
Requests: 1 HTTP requests in this frame

Frame: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 45174174DD57097FC9B3100F6E07B2CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYwbKQ0AEwAQ&v=APEucNX8jxS-lyRy5e1iyM92jFm4TAp8pPHpDv2ooPvFGS3CRe-qZXTseFUqbmP7JLuZz0KFRo9fBBN8yzw-WREpBOrh-an0jMEPLb-ycULk8QhKbxtoX0NsKSCQyjDV2apluGp-qYktSiR1Kl__LXhKLrkeNDsH0Pj4bAJtjfLtHq969mNw5_M
Frame ID: E64CEED173B3206D67B4F23D155E5DBE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: CA7133D7BA263556381E2B62DB23B789
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7AA8B116DA91635869B4A9ACFB100DA1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5B6962B1D330E247730B69DA90624053
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5426868114681039537/index.html
Frame ID: 2710C1744691F6ED53A061E7D935653D
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Top 5 Considerations Startup Business Loans

Page URL History Show full URLs

https://www.halqat.news/read331/?rand&hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVk... HTTP 302
https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmV... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

139
Requests

93 %
HTTPS

38 %
IPv6

31
Domains

51
Subdomains

43
IPs

8
Countries

1225 kB
Transfer

3539 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.halqat.news/read331/?rand&hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA== HTTP 302
https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1678973018405-943813335787-001192-003-003148%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1678973018405-943813335787-001192-003-003148%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1678973018405-943813335787-001192-003-003148&key=8ef4cfdc-b14c-4751-b882-fc930d8f2d6d

Request Chain 44

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1678973018405-943813335787-001192-003-003148%26key%3D%5BRX_UUID%5D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1678973018405-943813335787-001192-003-003148&key=OPTOUT

Request Chain 46

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1678973018405-943813335787-001192-003-003148%26key%3D%25%25VGUID%25%25 HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1678973018405-943813335787-001192-003-003148&key=ajQezX06W0OE&ev=1&us_privacy=1---&pid=562704

Request Chain 47

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=c3662b2b82681c6b624c48aad232b14&_fw_gdpr=1&_fw_gdpr_consent=

Request Chain 50

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Request Chain 52

https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1678973018405-943813335787-001192-003-003148%26key%3D%7Bdevice_id%7D HTTP 307
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1678973018405-943813335787-001192-003-003148&key=e0f1aff4-88c8-4415-869d-210ace899bf2&gdpr_consent=null&gdpr=1

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1

Request Chain 84

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBMYWvhIv1irSdUdlF7FTAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDhttl7q-RgEDcDwn4cgi0Q&google_cver=1

Request Chain 86

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDIxOTUzMjM4NDM2OTI2Nw%3D%3D

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1

Request Chain 99

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBMYWvhIv1irSdUdlF7FTAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDhttl7q-RgEDcDwn4cgi0Q&google_cver=1

Request Chain 101

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDIxOTUzMjM4NDM2OTI2Nw%3D%3D

Request Chain 121

https://track.adform.net/adfserve/?bn=60060210;1x1inv=1;srctype=3;ord=3313071101 HTTP 302
https://track.adform.net/adfserve/?CC=1&bn=60060210;1x1inv=1;srctype=3;ord=3313071101

139 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 38.php Show response
www.halqat.news/read331/
Redirect Chain

https://www.halqat.news/read331/?rand&hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYua...
https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYu...

12 KB
4 KB

116ms
115ms

Document
text/html

2606:4700:3037::ac43:ccfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ccfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed77a3f8089f94902d2b9901e747f1bfb3df703c33b71f5b96adac7d33714aad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a8d4fcd7adabb56-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Mar 2023 13:23:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNZ6D2R0dFpJyL8ncmC8w4VZS6DjvVLKmuDl%2FSlctAZ0vmNpp%2B5XwxGdOJG%2BzC3mjKgTovpaiL2dgmmoXtKO9FlawMi%2FFjVs3tV%2FurGB95jO1%2BWiFmrDN%2BBNZQFb74aBKwSO64ho0r7uogDYUUY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a8d4fccb9dfbb56-FRA
content-type: text/html; charset=UTF-8
date: Thu, 16 Mar 2023 13:23:37 GMT
location: 38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0oGe%2Bw6mt1%2FyA5Gk4pM99ARbGQgCQtMNKymoNZQCjW9JcEx5VcrAD5lgee9xi8BXg0H%2Bq%2FZKf0Iy6GkhLnQqsTyTybd05Mh4lI2PcLChsGJyBAXBrdgTsFonRBMrqHcDUlNbbNr3kK91aEJkDY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 bootstrap.min.css
www.halqat.news/read331/css/ 119 KB
20 KB 29ms
28ms Stylesheet
text/css 2606:4700:3037::ac43:ccfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.halqat.news/read331/css/bootstrap.min.css
Requested by: Host: www.halqat.news
URL: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ccfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eaacdfa5ee23061edff4657bea922696eef87e0be98e6cd4332261e2dfa619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Dec 2022 17:58:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6303
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGeSqSRU2avJYipB5Ccc5q%2BuYpELMjmBM%2Br3vpKtMS%2F4edM1%2FfRt7ur5DVL5jdPs6d2mXoq1xksLxMgQsM16JqpXSORjpjP8CGNAyGOZYcWc8QaX%2BPdUXMzDFcagE26QFmeJZ335pwcRPpaHu7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7a8d4fce3bf43a72-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 slicknav.min.css
www.halqat.news/read331/css/ 2 KB
1 KB 27ms
26ms Stylesheet
text/css 2606:4700:3037::ac43:ccfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.halqat.news/read331/css/slicknav.min.css
Requested by: Host: www.halqat.news
URL: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ccfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c9faa603219cebe987cc0d0262320ff6a927f5cd9716d552ae12b597a4d5e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Dec 2022 17:58:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6279
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30BtAtf7KZVnjUI55JM5MOnJShf3kWEqbkY%2BUO0%2BNkqg1Mt8DpF3kIM8Jb9uB%2FdJFG8By3fSlG%2BimmJoUGPWBC0wfztNn3fMdxiDiIZvb%2BPB0Cv3Lk%2BIpSwfpZHrsFmA2FHg1WpZe4CAKkJeeOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7a8d4fce3bf53a72-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 the220px.css
www.halqat.news/read331/ 4 KB
1 KB 51ms
50ms Stylesheet
text/css 2606:4700:3037::ac43:ccfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.halqat.news/read331/the220px.css
Requested by: Host: www.halqat.news
URL: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ccfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3232f4b385e743d3c5e3b029401e2d48bb595c24593404eea2f8ea943891b7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Dec 2022 17:58:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1808
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOEiVVWmn9FVaj9HySaCh%2FaxghshgHBLpkSt0U7QI9NIup9Ou0%2B0CRWQHxfivXjyEJdQPrfIKOm9gHL%2BNT9C9dtt02HY37ujwpI%2B3w3ZoPZ7cYwvBxbEp%2BkFYuMCXiTKKXrthdWOl3kygPDLtdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7a8d4fce3bf73a72-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 responsive.css
www.halqat.news/read331/ 1 KB
844 B 28ms
27ms Stylesheet
text/css 2606:4700:3037::ac43:ccfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.halqat.news/read331/responsive.css
Requested by: Host: www.halqat.news
URL: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ccfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba82735185f3aecb4c6914ebe2f64367484cdda59273ca94152553b4ab54d226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Dec 2022 17:58:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6279
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pIWS6Ok9FXoeQXtUITMNtYRlYBoYSzXz0f4oeE9NZZ5K48XjEMA4BDkG72GAVIyHpn1A89uN61F1uSSdVRGjrwwaDs4vEtdcSFl8Hh145aaphv73zGZ4y2i4ZZZAhcFjmLOgSf%2BYpeB3XiKDyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7a8d4fce3bf93a72-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 99ms
32ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: www.halqat.news
URL: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 496047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 19:36:10 GMT

GET
H3 200 jquery.slicknav.min.js Show response
www.halqat.news/read331/js/ 8 KB
3 KB 51ms
50ms Script
application/javascript 2606:4700:3037::ac43:ccfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.halqat.news/read331/js/jquery.slicknav.min.js
Requested by: Host: www.halqat.news
URL: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ccfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fd1e7c1f102c491fcbcbe53eca8601df80663b293b8ef8d8683b9da0d3587e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Dec 2022 17:58:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6279
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1z4CPuwQJKBgUlCOpcdEL3wJWmFb706e2XqBj7kZYcRTz67Ub%2FnGN8%2FhOW377zn8dSDviLb78cMkcgi8Jk7mVmggr6Ma8mRnRuB%2Bw1UkUA2OuLgUUNfmL2cpgOlHfWhxNHk1VlYsf8pOTH8tI2M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7a8d4fce3bfc3a72-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 the220px.js Show response
www.halqat.news/read331/js/ 664 B
803 B 51ms
50ms Script
application/javascript 2606:4700:3037::ac43:ccfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.halqat.news/read331/js/the220px.js
Requested by: Host: www.halqat.news
URL: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ccfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 363181158af4b1671b7f8e4f9c20a71ea0526b26617436fb4f78a0283049af63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Dec 2022 17:58:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6303
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFBAWiCwu9juYC8TS3SLfM48v%2FoloIV0Zz5a2B1vA0kCWTxJ3GsH%2FONzE%2BLdpv2uG5ytl0wpZJ1jrzaMZDQ%2FX%2FROpTdCss4i3gWgSMfPh25FNWYnDm79NSIRi4oAhmOo5l9S5MSfAuF3U8exp3s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7a8d4fce3bfd3a72-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 halqat.newshead.js Show response
jscdn.greeter.me/ 6 KB
7 KB 107ms
22ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/halqat.newshead.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

f2ca256c2a497bf6cfce165bbbe64483719df33ad1c7ab2ce8b94b24f65c3b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 07 Dec 2022 09:57:56 GMT
x-amz-request-id: tx00000000000007269d500-0064131243-87151b72-fra1b
etag: "81231429f44e287d3a9a2a5071703348"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1678973017.dop012.fr8.t,1678973017.cds215.fr8.hn,1678973017.cds273.fr8.c
content-type: text/javascript
cache-control: max-age=2042
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6437

GET
H/1.1 200
OK spt Show response
tg1.modoro360.com/api/adserver/ 26 KB
7 KB 216ms
42ms Script
text/javascript 2a02:26f0:3500:c::5c7b:680c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=624d76f0c470237a604a78c5&AV_PUBLISHERID=60095c900c0799791c46d8d4
Requested by: Host: www.halqat.news
URL: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:680c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1df77d25ad442175f7c9f0507229cd9de201ea493a7b2a6b3ca2ec363073ad26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Bamboo-C-SkSt: 1
Content-Encoding: gzip
X-Bamboo-C-SkFe: 1
X-Bamboo-C-S: BYPASS
Date: Thu, 16 Mar 2023 13:23:37 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Vary: Accept-Encoding
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length: 6764
Expires: Thu, 16 Mar 2023 13:28:37 GMT

GET
H3 200 logo.png
www.halqat.news/read331/images/ 2 KB
2 KB 27ms
26ms Image
image/png 2606:4700:3037::ac43:ccfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.halqat.news/read331/images/logo.png
Requested by: Host: www.halqat.news
URL: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ccfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb843e505153522d6d0ed1f1c8bd73ce8aaef6c6974d8ad49af62583bfec38a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Dec 2022 17:58:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6302
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bEhREI85TYvXNtouYRaJ6Dntt6ePt41Twi1cbfCTEWmLGrwbsvS89B7Fl5g7KEF8oUoQZttrkxyJ%2BFTsCL1tkcHT1jSO1giCUxEmLTM01s3xWB2uZFJUw5XoR4QmdXKnZqFpLYic4YBnHZYDy8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a8d4fcf3d7d3a72-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1728

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 82ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700

Requested by

Host: www.halqat.news
URL: https://www.halqat.news/read331/the220px.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aaf5e3e49f2ae070d9195ddec81f3ee9046b220d9901579ec896759a9d924446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Mar 2023 13:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 12:26:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Mar 2023 13:23:37 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 72ms
20ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.halqat.news
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:08:30 GMT
x-content-type-options: nosniff
age: 15307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17116
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 09:08:30 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 78ms
26ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.halqat.news
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:55:02 GMT
x-content-type-options: nosniff
age: 538115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 07:55:02 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 78ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/halqat.newshead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fc814f76311281ae957d4e6df3a27c3ce41fb8f436311c147a1486c325af8f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27405
x-xss-protection: 0
server: sffe
etag: "1512 / 80 of 1000 / last-modified: 1678964715"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Mar 2023 13:23:37 GMT

GET
H2 200 pubads_impl_2023030901.js Show response
securepubads.g.doubleclick.net/gpt/ 395 KB
134 KB 75ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2940fc3e4be1c44c42429926fd8144235bee8fde8e590386bc0b8900482b82d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136293
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:39:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Mar 2024 12:37:07 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
1 KB 108ms
58ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.halqat.news

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cda23532dc110f0f4625ff794e1c3338b8989cd4861830ec54b303007688ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 545
x-xss-protection: 0
expires: Thu, 16 Mar 2023 13:23:37 GMT

GET
H2 200 get Show response
feed.avplayer.com/backend/ 4 KB
813 B 95ms
29ms XHR
application/json 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=624d76f0c470237a604a78c5&pid=60095c900c0799791c46d8d4&cid=621c939b784b445b9a1a7898&AV_TEMPID=60bceb5ae580aa6950275314&AV_PUBLISHERID=60095c900c0799791c46d8d4
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=624d76f0c470237a604a78c5&AV_PUBLISHERID=60095c900c0799791c46d8d4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: cce1aee65b9f2093ba86119d6ef979fd5183c77b513a1f6c735e0cd56f951070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
content-encoding: gzip
x-hw: 1678973017.dop261.fr8.t,1678973017.cds265.fr8.hn,1678973017.cds279.fr8.c
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.halqat.news
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 608

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 251 KB
60 KB 96ms
24ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=624d76f0c470237a604a78c5&AV_PUBLISHERID=60095c900c0799791c46d8d4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
etag: "1646327924"
x-hw: 1678973017.dop138.fr8.t,1678973017.cds164.fr8.hn,1678973017.cds249.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 61326

GET
H2 200 track
servt.modoro360.com/ 0
71 B 387ms
117ms Image
text/plain 52.200.140.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?pid=60095c900c0799791c46d8d4&cid=621c939b784b445b9a1a7898&cb=1678973017675&r=www.halqat.news&stagid=624d76f0c470237a604a78c5&stplid=60bceb5ae580aa6950275314&d35=&d65=Floor&d66=7&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
Requested by: Host: www.halqat.news
URL: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.140.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-140-242.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:38 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 77ms
28ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.halqat.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 108ms
29ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.halqat.news

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
7 KB 796ms
795ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3543975897320736&correlator=495206649834347&eid=31072029%2C31072878%2C31073111%2C44782505%2C21065725&output=ldjh&gdfp_req=1&vrg=2023030901&ptt=17&impl=fif&iu_parts=22692101250%2Capl%2Ccube9&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90&ifi=1&adks=152591927&didk=1959687422&sfv=1-0-40&prev_scp=test%3Drefresh&sc=1&cookie_enabled=1&abxe=1&dt=1678973017847&lmt=1678973017&dlt=1678973017306&idt=490&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.halqat.news%2Fread331%2F38.php%3Fhash%3D2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA%3D%3D&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&ga_vid=1482712116.1678973018&ga_sid=1678973018&ga_hid=1106013644&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c43ca796e2e5229c27046c05140e5a122826f326ca56ee6c1972fc2f2a54d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6986
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.halqat.news
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 151 KB
45 KB 598ms
598ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3543975897320736&correlator=495206649834347&eid=31072029%2C31072878%2C31073111%2C44782505%2C21065725&output=ldjh&gdfp_req=1&vrg=2023030901&ptt=17&impl=fif&iu_parts=22692101250%2Capl&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=1317952821&didk=3661191484&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1678973017854&lmt=1678973017&dlt=1678973017306&idt=490&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.halqat.news%2Fread331%2F38.php%3Fhash%3D2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA%3D%3D&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1482712116.1678973018&ga_sid=1678973018&ga_hid=1106013644&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ee3ee743e1fcf711173778e054eebd8e2cefeda6f5005dccee2b3cc77b3455d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45202
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.halqat.news
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
12 KB 1005ms
1005ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3543975897320736&correlator=495206649834347&eid=31072029%2C31072878%2C31073111%2C44782505%2C21065725&output=ldjh&gdfp_req=1&vrg=2023030901&ptt=17&impl=fif&iu_parts=22692101250%2Capl&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&adks=1317952822&didk=3661191487&sfv=1-0-40&ists=1&fas=2&sc=1&cookie_enabled=1&abxe=1&dt=1678973017857&lmt=1678973017&dlt=1678973017306&idt=490&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.halqat.news%2Fread331%2F38.php%3Fhash%3D2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA%3D%3D&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1482712116.1678973018&ga_sid=1678973018&ga_hid=1106013644&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59d6f595f0d34a25a953468d0ce7b207d5404965820c55cb72aacce1e9859423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12212
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.halqat.news
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F6BE 6 KB
3 KB 107ms
29ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 13:23:37 GMT
expires: Fri, 15 Mar 2024 13:23:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads_2023030901.js Show response
securepubads.g.doubleclick.net/gpt/ 33 KB
12 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023030901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d04a9ebcf5396233d88fbd891e94070d6f9909f177c7f936e87a8022898dafff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:37:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 585994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12340
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:39:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Mar 2024 18:37:03 GMT

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/ 15 KB
15 KB 138ms
39ms Image
image/x-icon 141.95.4.196
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Requested by: Host: www.halqat.news
URL: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 141.95.4.196 , France, ASN16276 (OVH, FR),
Reverse DNS: ip196.ip-141-95-4.eu
Software: /
Resource Hash: fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 13:23:38 GMT
X-Openstack-Request-Id: tx5d3aaf2dacf44ad09d1b3-0064131859
Last-Modified: Sun, 31 Jan 2021 12:57:34 GMT
Etag: 7bf4f6782dee3b520a65ff84286e3691
Content-Type: image/x-icon
X-Timestamp: 1612097853.12655
Accept-Ranges: bytes
Content-Length: 15086
X-Trans-Id: tx5d3aaf2dacf44ad09d1b3-0064131859

GET
H2 200 large-poster.jpg
content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/ 17 KB
17 KB 52ms
25ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
Requested by: Host: www.halqat.news
URL: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: 9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
x-guploader-uploadid: ADPycdsdg-Rl0f3wBuz8hILgX72sCU2sGg_MisOYWb8_36YLad9K9GVXtfZE4QQX8rzG0Drj5yL5pdwFE5JxiXxnsPlp3s-kSZEO
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 16959
last-modified: Thu, 08 Sep 2022 15:38:37 GMT
server: UploadServer
etag: "0ee97d2dcd219d582aee0cecbb70cafd"
x-goog-generation: 1662651517684609
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=SZ/7Cg==, md5=Dul9Lc0hnVgq7gzsu3DK/Q==
access-control-expose-headers: Content-Type, range
cache-control: public, max-age=2592000
x-hw: 1678973017.dop138.fr8.t,1678973017.cds164.fr8.hn,1678973017.cds324.fr8.c
x-goog-stored-content-length: 16959
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame B967 451 KB
122 KB 89ms
23ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 30570c5435c39dc8f7da31fe7ea8dc3ba7329fed622a7051d3f60c53ef45fd05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:37 GMT
content-encoding: gzip
last-modified: Tue, 14 Mar 2023 09:06:30 GMT
etag: "1678784790"
x-hw: 1678973017.dop009.fr8.t,1678973017.cds097.fr8.hn,1678973017.cds275.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 124322

GET
H2 200 / Show response
serv.modoro360.com/api/adserver/tag/ 24 KB
5 KB 403ms
148ms XHR
application/json 54.164.120.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.modoro360.com/api/adserver/tag/?AV_TAGID=624d76f0c470237a604a78c5&AV_PUBLISHERID=60095c900c0799791c46d8d4&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.halqat.news%2Fread331%2F38.php%3Fhash%3D2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA%3D%3D&AV_CHANNELID=621c939b784b445b9a1a7898&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.halqat.news&AV_DADPOS=1&AV_TAG=624d76f0c470237a604a78c5&AV_TEMPLATE=60bceb5ae580aa6950275314&d36=6.2.89&responsive=1&sver=4&avtoken=18086&omv=1.0.1&AV_D65=Floor&clsid=af0c70e9-2497-44a4-9d94-4581b7c930bb&rando=81&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1678973018089&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.120.100 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-120-100.compute-1.amazonaws.com
Software: /
Resource Hash: 38539fcb89fcd309cea7f213248a19a55a26087ae1e60517e4b6d7153b79f9a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:38 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://www.halqat.news
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Sat, 04 Mar 2023 23:36:58 GMT

GET
H2 200 track
servt.modoro360.com/ 0
70 B 115ms
115ms Image
text/plain 52.200.140.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?r=www.halqat.news&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.89&apppkg=&fv=1&proto=https&d65=Floor&clsid=af0c70e9-2497-44a4-9d94-4581b7c930bb&rando=81&pid=60095c900c0799791c46d8d4&cid=621c939b784b445b9a1a7898&stagid=624d76f0c470237a604a78c5&stplid=60bceb5ae580aa6950275314&e=inventory&vi=100&cb=1678973018088
Requested by: Host: www.halqat.news
URL: https://www.halqat.news/read331/38.php?hash=2LPZitix2YHYsSAxID0__IGh0dHBzOi8vdi5hZmxhbS5uZXdzL2VtYmVkLWplbDFqbTVldXZyOS5odG1sCtiz2YrYsdmB2LEgMiA9PiBodHRwczovL2FuYW1vdi5jYy9lbWJlZC02dHE1dnhwcGl2eXYuaHRtbArYs9mK2LHZgdixIDMgPT4gaHR0cHM6Ly92aWRzcGVlZC5jYy9lbWJlZC02YmlmNDJnbWZjNjkuaHRtbA==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.140.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-140-242.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:38 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 117ms
67ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023030901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd395fae819f4844eaedeb0e08d622e9ef9a7a87acc3087ed2b7cf7d8c829e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11302
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 84ms
29ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 13:23:38 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0820 13 KB
5 KB 23ms
21ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 12:22:35 GMT
expires: Fri, 15 Mar 2024 12:22:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D888 783 B
1 KB 91ms
30ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

61f1b690dba175604b0278cdaaeb9bebe75d6b57d5523f03f90d1a3da2913475

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5V3igkRpPo0yIk_u5UzMBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-5V3igkRpPo0yIk_u5UzMBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 13:23:38 GMT
expires: Thu, 16 Mar 2023 13:23:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0820 36 KB
14 KB 65ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:31:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 22:31:10 GMT

GET
H2 200 container.html Show response
a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8A17 6 KB
3 KB 25ms
24ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 13:23:37 GMT
expires: Fri, 15 Mar 2024 13:23:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3E7E 16 KB
6 KB 79ms
21ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1678973018405-943813335787-001192-003-003148%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92531
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 16 Mar 2023 13:23:38 GMT
expires: Fri, 17 Mar 2023 15:05:49 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58543/ Frame 766E 0
0 105ms
24ms Document
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
date: Thu, 16 Mar 2023 13:23:38 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame F035
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1678973018405-943813335787-...
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1678973018405-9438133...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1678973018405-943813335787-001192-003-003148&key=8ef4cfdc-b14c-4751-b882-fc930d8f2d6d

0
241 B

276ms
112ms

Document
text/plain

52.86.99.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1678973018405-943813335787-001192-003-003148&key=8ef4cfdc-b14c-4751-b882-fc930d8f2d6d
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.99.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-99-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 16 Mar 2023 13:23:38 GMT

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Thu, 16 Mar 2023 13:23:38 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1678973018405-943813335787-001192-003-003148&key=8ef4cfdc-b14c-4751-b882-fc930d8f2d6d
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame A40C
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26au...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1678973018405-943813335787-001192-003-003148&key=OPTOUT

0
202 B

373ms
111ms

Document
text/plain

52.86.99.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1678973018405-943813335787-001192-003-003148&key=OPTOUT
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.99.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-99-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 16 Mar 2023 13:23:38 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Thu, 16 Mar 2023 13:23:38 GMT
etag: OPTOUT
expires: 0
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1678973018405-943813335787-001192-003-003148&key=OPTOUT
pragma: no-cache

GET
H2 204 services
sync.technoratimedia.com/ Frame 500D 0
0 358ms
116ms Document
text/plain 2603:c020:400d:3000:bf17:cd18:9a23:846c
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1678973018405-943813335787-001192-003-003148&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1678973018405-943813335787-001192-003-003148%26key%3D%5BUSER_ID%5D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2603:c020:400d:3000:bf17:cd18:9a23:846c Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://www.halqat.news/
age: 0
date: Thu, 16 Mar 2023 13:23:38 GMT
server: nginx
via: 1.1 varnish
x-varnish: 234908230

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 42AC
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1678973018...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1678973018405-943813335787-001192-003-003148&key=ajQezX06W0OE&ev=1&us_privacy=1---&pid=562704

0
208 B

135ms
113ms

Document
text/plain

52.86.99.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1678973018405-943813335787-001192-003-003148&key=ajQezX06W0OE&ev=1&us_privacy=1---&pid=562704
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.99.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-99-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 16 Mar 2023 13:23:38 GMT

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control: private, max-age=0, no-cache, no-store
content-language: de-DE
cw-server: bh-deployment-7bbb45b5f-w72kh
expires: -1
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1678973018405-943813335787-001192-003-003148&key=ajQezX06W0OE&ev=1&us_privacy=1---&pid=562704
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(9.4.50.v20221201)
strict-transport-security: max-age=15768000

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame E333
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=c3662b2b82681c6b624c48aad232b14&_fw_gdpr=1&_fw_gdpr_consent=

0
231 B

353ms
111ms

Document
text/plain

54.196.150.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=c3662b2b82681c6b624c48aad232b14&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.196.150.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-196-150-187.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 16 Mar 2023 13:23:39 GMT

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Thu, 16 Mar 2023 13:23:38 GMT
Expires: Thu, 16 Mar 2023 13:23:38 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=c3662b2b82681c6b624c48aad232b14&_fw_gdpr=1&_fw_gdpr_consent=
Pragma: no-cache
Server: nginx
x-sticky-vk: 1678973018748034-585

GET
H/1.1 200
OK auto-user-sync Show response
ads.stickyadstv.com/ Frame FEF0 43 B
623 B 282ms
31ms Document
image/gif 2.16.238.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 16 Mar 2023 13:23:38 GMT
Expires: Thu, 16 Mar 2023 13:23:38 GMT
Pragma: no-cache
Server: nginx
x-sticky-vk: 1678973018681074-559

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 01D5 49 KB
18 KB 1051ms
951ms Document
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1678973018405-943813335787-001192-003-003148%26key%3D%7B%7BVID%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7e9e84cfacbfd1f40751fb754c9ac00f8a49435e1829de0933dd02c1687fcc97

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Thu, 16 Mar 2023 13:23:39 GMT
etag: W/"640615ca-c23d"
last-modified: Mon, 06 Mar 2023 16:33:14 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: MISS
x-77-nzt: AcO1qhHbza+h
x-77-nzt-ray: 4c15622495d5cc885a1813640940d124
x-77-pop: frankfurtDE
x-cache: MISS

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 09E1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

281 B
554 B

102ms
26ms

Document
text/html

104.126.125.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.125.209 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-125-209.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Mar 2023 13:23:38 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 16 Mar 2023 13:23:38 GMT
location: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server: AkamaiGHost

GET /
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/ Frame 498C 0
0

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 3E13
Redirect Chain

https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1678973018405-9...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1678973018405-943813335787-001192-003-003148&key=e0f1aff4-88c8-4415-869d-210ace899bf2&gdpr_consent=nul...

0
241 B

354ms
112ms

Document
text/plain

52.86.99.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1678973018405-943813335787-001192-003-003148&key=e0f1aff4-88c8-4415-869d-210ace899bf2&gdpr_consent=null&gdpr=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.99.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-99-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 16 Mar 2023 13:23:38 GMT

Redirect headers

content-length: 0
date: Thu, 16 Mar 2023 13:23:38 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1678973018405-943813335787-001192-003-003148&key=e0f1aff4-88c8-4415-869d-210ace899bf2&gdpr_consent=null&gdpr=1
server: _

GET
H2 204 /
onetag-sys.com/usync/ Frame 9309 0
0 77ms
21ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync
x.bidswitch.net/ 43 B
146 B 82ms
23ms Image
image/gif 3.65.209.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=&user_id=1678973018405-943813335787-001192-003-003148&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.209.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-209-188.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1678973018405-943813335787-001192-003-003148%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 43 B
145 B 83ms
23ms Image
image/gif 3.65.209.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1678973018405-943813335787-001192-003-003148%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.209.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-209-188.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 css2
fonts.googleapis.com/ Frame 8A17 4 KB
732 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Mar 2023 13:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 12:00:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Mar 2023 13:23:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E76C 8 KB
968 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Mar 2023 13:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 11:46:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Mar 2023 13:23:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame E76C 2 KB
765 B 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:10:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/ Frame E76C 22 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f2d67bc7d54d1fc7714c567d05bc33b34173e8088bd52d521d3e8f3b506c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9097
x-xss-protection: 0
server: cafe
etag: 6133207136504656605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:10:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame E76C 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3663
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 12:22:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame E76C 20 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8559
x-xss-protection: 0
server: cafe
etag: 11326455550778179109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:10:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E76C 158 KB
49 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 13:23:38 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame E76C 34 KB
15 KB 76ms
21ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 01:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 21:42:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 01:51:49 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/elements/html/ Frame 8A17 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

317f149045d69a8bf445de8bbd3ff61b2cc95da746998e97f4381dfe3326c7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 16448057571289220057
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:13:44 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8A17 205 B
518 B 76ms
26ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:03:22 GMT
x-content-type-options: nosniff
age: 1216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Mar 2024 13:03:22 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8A17 604 B
694 B 77ms
27ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:41:27 GMT
x-content-type-options: nosniff
age: 2531
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Mar 2024 12:41:27 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3E7E 0
42 B 114ms
27ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24631758&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1678973018405-943813335787-001192-003-003148%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:38 GMT
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D888 0
0 56ms
56ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023030901&jk=3543975897320736&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 container.html Show response
a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D299 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 13:23:37 GMT
expires: Fri, 15 Mar 2024 13:23:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB25 143 B
383 B 73ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 12:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 09E1 33 KB
10 KB 31ms
31ms Script
text/html 104.126.125.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.125.209 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-125-209.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c563ed27eb4d764c0fc7f7b74c5042ba1e6b1f4bfa9f4ffdbfb19a4b993af84b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 13:23:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Mar 2023 02:42:22 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=47932
Connection: keep-alive
Content-Length: 9996
Expires: Fri, 17 Mar 2023 02:42:30 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C784 624 B
671 B 65ms
61ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYxO_X4AEwAQ&v=APEucNUt0UZLzW-sQZCjI_Ss3ZrLZaXtqCBc_EmKoGgl_6MiSdBixdyHR_Gi5Bm4GdXTTy5zWtPeLdqg--UQz4TWxBVDEgleRdzdSzGul2uP76jJ2B_fyGRdi6VOSz76_7C078WsH6B428n0r2mCz0cp1MCze9eEG9T7tE8ZJn80lu2kyCpoWkY

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 13:23:38 GMT
expires: Thu, 16 Mar 2023 13:23:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D299 78 KB
27 KB 174ms
173ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 13:23:38 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D299 42 B
63 B 55ms
53ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C3LUOzPl1JnuCdAdJRxXz6VbdpMND-N4uRxg9J2wFZvE6cy1RCLC_nTF79yjNZI4TQRGGdUylNcIEhc4E3XykbCDudUsEHnzCJxro5q2NRswhtYL8

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D299 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4398985395793032155&x=1&ct=76

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame D299 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3663
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 12:22:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame D299 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8559
x-xss-protection: 0
server: cafe
etag: 11326455550778179109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:10:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D299 158 KB
48 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 13:23:38 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 09E1 284 B
536 B 135ms
22ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0820 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EmKyqA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB25
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
147 B

39ms
38ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 13:23:38 GMT
expires: Thu, 16 Mar 2023 13:23:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 13:23:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response
pagead2.googlesyndication.com/bg/ Frame 97C3 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:31:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 22:31:10 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C784
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1

43 B
766 B

23ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYxO_X4AEwAQ&v=APEucNUt0UZLzW-sQZCjI_Ss3ZrLZaXtqCBc_EmKoGgl_6MiSdBixdyHR_Gi5Bm4GdXTTy5zWtPeLdqg--UQz4TWxBVDEgleRdzdSzGul2uP76jJ2B_fyGRdi6VOSz76_7C078WsH6B428n0r2mCz0cp1MCze9eEG9T7tE8ZJn80lu2kyCpoWkY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 13:23:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C784
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBMYWvhIv1irSdUdlF7FTAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1

43 B
766 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYxO_X4AEwAQ&v=APEucNUt0UZLzW-sQZCjI_Ss3ZrLZaXtqCBc_EmKoGgl_6MiSdBixdyHR_Gi5Bm4GdXTTy5zWtPeLdqg--UQz4TWxBVDEgleRdzdSzGul2uP76jJ2B_fyGRdi6VOSz76_7C078WsH6B428n0r2mCz0cp1MCze9eEG9T7tE8ZJn80lu2kyCpoWkY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 13:23:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C784
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDhttl7q-RgEDcDwn4cgi0Q&google_cver=1

43 B
1 KB

43ms
30ms

Image
image/gif

185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDhttl7q-RgEDcDwn4cgi0Q&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQsv3gjgMYxO_X4AEwAQ&v=APEucNUt0UZLzW-sQZCjI_Ss3ZrLZaXtqCBc_EmKoGgl_6MiSdBixdyHR_Gi5Bm4GdXTTy5zWtPeLdqg--UQz4TWxBVDEgleRdzdSzGul2uP76jJ2B_fyGRdi6VOSz76_7C078WsH6B428n0r2mCz0cp1MCze9eEG9T7tE8ZJn80lu2kyCpoWkY

Protocol

HTTP/1.1

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 13:23:39 GMT
AN-X-Request-Uuid: 89bb0872-c411-4037-85a7-b9cb4f899b73
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDhttl7q-RgEDcDwn4cgi0Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C784
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDIxOTUzMjM4NDM2OTI2Nw%3D%3D

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDIxOTUzMjM4NDM2OTI2Nw%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 16 Mar 2023 13:23:39 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0beaeeb3-3bd9-4eca-9db8-6b94f2017c4b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDIxOTUzMjM4NDM2OTI2Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4517 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.halqat.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 13:23:37 GMT
expires: Fri, 15 Mar 2024 13:23:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E64C 624 B
245 B 67ms
61ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYwbKQ0AEwAQ&v=APEucNX8jxS-lyRy5e1iyM92jFm4TAp8pPHpDv2ooPvFGS3CRe-qZXTseFUqbmP7JLuZz0KFRo9fBBN8yzw-WREpBOrh-an0jMEPLb-ycULk8QhKbxtoX0NsKSCQyjDV2apluGp-qYktSiR1Kl__LXhKLrkeNDsH0Pj4bAJtjfLtHq969mNw5_M

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 13:23:39 GMT
expires: Thu, 16 Mar 2023 13:23:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CA71 78 KB
27 KB 98ms
96ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 13:23:39 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame CA71 3 KB
1 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3663
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 12:22:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/ Frame CA71 20 KB
8 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230314/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8559
x-xss-protection: 0
server: cafe
etag: 11326455550778179109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:10:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA71 158 KB
48 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 13:23:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CA71 42 B
63 B 55ms
53ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DAnSigcG7FhO91s8QG6UQTaSus6qgTWegfyLhCadblGIUIr3MfuAUDhKnTEOWHyHtSbFqnW_qxa2u23kYlhFk_ZPDy_ku-WdXdQzrtW6-q-GcvUPs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CA71 0
20 B 56ms
54ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4151790939205341170&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D299 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9478367381824&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D299 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9478367381824&version=m202301230201&ct=76&x=1&cor=4398985395793032000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D299 71 KB
34 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzyRwSfeKavYIyC8uPiA31qPhSS8E24T7VOtaUHdJBcm852MA5gAUTq_yhJrImPhgEigrDjse7i0Ywos24vBABReX0vw&cry=1&dbm_d=AKAmf-AgDE_Zi6wjeMIpkvwWYKiBAQ6bzSl-YqvUMS-7PlrsUmHWKvBePLM8LA4hDyJBh_N_iazhpvBZwX6DbUO1ZD8opibqH7GaSpLJMx93CbVpYr34UjgABeGvGb4UVdgmK1BlXCIV4veATaFddCpnMPtPj9AAg974LUJ-VU9eNXPHRyV4gSC2wwKxUjyr7hlPst1-eeEf-lp3f6NzkDlp4fHRCLXIfIorDxsxHTCrFHHrzOMHQinFxQa--ShK7skLBeWHUF6Y-0SDzWey0Gda2jBgOA55Re9yq_D696i3llTlSzQ7jS4DnrVniK3KtaR3gmYnoaZzfGpVI9jbf3s_Ocrj0S9yOrFymYcYu36MB0r_Kb-L0Zjs7QoYZm5jDgFQ0Qj8ulO5r5YkY0KAzyRtFl5Jjh_xfmmMYODyCW-X8F6fWbdp2dU_VG3AdeHKOXiFz3IuzhCB7QIgpbqFWYSMvADNYZhIJPwMu_n2BvYJNI78pIrR2JPEFHcgkBugBJqfDW_Nb1lMuG1tAGNx05lYTrjgPAPKzcbdX_RTbs0_SjY94IPp13tKt7VKY_Cw3PRNCvmOqcHR6YQ5reMZ5FGdi2AwdKbGd50cLUjfpA0BgNskHoHP8x7nT-BUcYUc1gjZMN0Ly6OpqSkkxazTrv570qrhy-qDFbeN99IY4coMusKvlWzeFdFErxA6dHMP69nEb2vFKWEjP7L_aLuVLjXaJVfqblSjeSCmu2uQ2gkUEXb1qQPnaC2y0jPeYtsD2eMpXEmaWDssekPn0lfgCFiO-71SWG8u60iikRiab4rD10fwG_W954eu35hd3NEEe9KPZKbz9MpXccL1nPEIx0yspa2O4JIiuox5OMsSftA0h9dZBMOjq79f4cARZpqLMBNnpEEryBNcr_6Mv6dIGsAp0wCazVuAxirjCfyclbL-X6ItU4BFR2-kPh1rRNFUrTZb_QUsslUUBEuITxZzzHItOtZ6jNDTeZgu2j-NJPg8OdY7whGDrAsvRHQadaZDYj-islMZynq0s5jGpAQgAV1FVeyJ0cAhRUaioWkhPAy_Iy3NkZ5-MZAyIZfZXTrk_wwmsD0_ssCfLg9GmSu2YyBgwTgnKV7WCRMgUa8O_5WNb_jjFT78Bzg_Yp6VrBf-fcuXZ2sOlHrzPqH43kyLMLiSLWZ2qrl9O_C959YJP6wKJw8Sp03ksgNEeWJo0JQzJZF5hIabiANGq1hrMZ2Sw41guAnNyt9fUmZ-I2Nsou55yz-mfPIc4-oMM0CoSCUo20E_4eSnwKdnpFBgYjcYVvBG9zlBV5PNtS2OBCpAd69v5bEKbOKA3Jtr3zV8FAnahRtrjYB4ni7oiNcL7PKjbdausmGvROn31KE5-Zh7yEAUKdaW7Kul7VK9dYXnOPmjFb0Vj7u9YTCZEozZKKhtUZ4B9gOmWyGKRilUxDKKC9cGrrmPacHh4gkSZgWTUYOaK0UaKAHATnfDB6dZ08urNxsFKdKCu7Xd8u2yllA4ZDhYhip2Rpc36PcaLQ_zJqwocK7WCGuzlkmqGub_r1CPyMrVOM3biGELvUUmEH4Qn5sUSFxvRQeK2kBja9JmxnRgYDnQ_lj_xiG9TCksIqbHWCnhgF1l4EvuCtwFJzbansT5TiqVZ1MBRof1azdjiwqhPJM9jxnzHfMRWVqaLN8T5wMaXRM-LwzGZXh7V_L5EIcO2AbOgJDHmYSksj-8cJFf95Mz9LAPiadsLX_jmri9J4EjLuw2ZNTfeojHpwv6HeLMyA2XUg44cyCfFpbtERUdYhxa5wUo55R2q-3hpOj_KYkPXO9hgvSfp-YX9oFi0f6BB_uke2QfSWT7Ih_IeVRw9OEf94uAES0CI00tjVO3PnBT32yVFUBIHj4Uwc86VO55Ai8-rL5wn-rIg5v-iE7XA8KMwRakWh1oOKKF_NUy3qP4nr94k0YwVBhVJrgc-Me4-e7_TKwbO40WfbiVa5BqrrxVcFPJVv8fRNolmW6PZaWWgHwZeEBww975xS2KkpifGIgdNhRaq3rvXAB_xFahIWbMZxP7Bu62mMl_fvUui9WxrJ-tIX97-vbztP7ey3Qj1Q06MQ1_GM0BxSKJfQ0qeurDuhwV4VPR_DZbJvmE2bkk5Ko4hc2YWx_xCH6P6LDxLF5RouVACe9UpZ9xzTjoUs2a6vq6Ip_tYxPpVxtsr4Mnz1SR76XwBTZ0Jj_d77Z0ja-N5G3lmaFSrc0ij4IwiOxF8NBvf97BnBr7fgEE63AHXtlt-b6fCsduSjK2jRnCVHsxgZn8qXOT4kE2HFFhLf9y72VpZORpH1aWrBs8anovZp4OMGqSmLXQ5_G9PYpJXfUxdiekWVAH01HG5HB-5F4PElfeXotkQzuUilVrnTzYPe1mVdiovffXtq1RIRc71c-YUIutgoky7sgieveJLHv18S7RKE_KwvuAZstK_JlnCMfp4oJiRiN5L4f_DkvidNCJGhqy3U5uNqY1ZpriXAFzsUT_jfkwTzQLqK0x6b1gytCEfiDFhZBNmhS-TDdyP8SxubINX6wSzrqUs3UWKeTcWuTW3KOG80pKuuAX5W6jhCZS-n0-CGhEKMiDOfN7gWyqvZRZ-YkIAS3SEDCxYeozgluNfycM4H3bgq4XPqTVCzNlH5-w3Q3LdRXuyAdZZfTanDLZz3rt-4o6P6RDRxmYIbvT8ecyknqs01r1J5VpMsdjxwblD-v2HmaLPZ-oNE_o3FTmnBkEeC9RS4IZ7S7Bgh3MBn_5kdiaktnRRg_r2L27NRcvoRx-OWLVaZhVcKg2TVy1fio3QaVpWImwvns-JhZAhSPEQRoSoQV79hMApjBUWu4r-eGFx6uIjOOF1FxYQ7HghvcAF8mzcyNWp9SczJtBk5ki-ypQc3U6K7TgayK7-xhPPtOlovz6Fpl31IZ7Pnd0v1BvujzreSTvxuIxNOW_tM9KYkCgXwVVYexqwrt2MsscL7Wp2WRuNKDeH_g3bbsjOP3yqDMvdbjsugv2Oxg2YxKTfwBkVH1oT19crsQG-fKMgfzBQvtNf-OOrNzw-Th21BJ7qniVuUjyJ4IbhlkqtITDC_VytpjYe-IEmOucMQ0MGjV8s7tIHwC9rbNlSAuVIhbGvGi2ZMjbQc8nupKXDBENUFUBCiO6d3JSxcbXc2tnsutn5cvVzus_lKukp_JR0ENck_XcfdMPesBtZ8MMPYga808u5ZEQ-6uBAbXUeacd6idkSjyScm7Vbhoj5CGIQPgqKEU5g8kqUUE6b02rp_HDWe2w2ntcEfJHyXbe0IhvUjqWEVusYq8GXc-4kM8NbwmOHSsXYWBuc-WRn25e9lVG8-xS4DnOQjXqabg1WQLrSmMW74IPLKZakt2lafISraQybkG-jBtPsjvQWwQhqXDRdIu1UOGCpJ5oN3RAEtKbIMlDu1YHblk8Fxfct3IiVO3pru1VI8Eg-6pyHeVjMDG4UegaUVI-13a68JdeZirgusfsmMSYtbneM5TClfRlAu0tupW2AoUC3_bAGYgETh1Pigi5mJedae-1Y7TBBnWKqROzuox1Gw9bplk5_jIelcKASNjniXjeV7wJovo-HCSK6EDJ1S_8o31HLHHR_KUHDA&cid=CAQSSwDUE5ym_niQLntdJbHIcjcKpFmagZ8Esea_p0YrX9qq0w5FEG8WB6lolIReilr3kOoFCa2qoXlzmx91RQt9vt7uhMiWc9kIwjMBKxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.halqat.news%2F&ds=l&xdt=1&iif=1&cor=4398985395793032000&adk=943508955&idt=183&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d4e15799ddd4956096d869393ae6e2b729dda804f2b8450fcb56de72b3f8ab5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34661
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E64C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1

43 B
632 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYwbKQ0AEwAQ&v=APEucNX8jxS-lyRy5e1iyM92jFm4TAp8pPHpDv2ooPvFGS3CRe-qZXTseFUqbmP7JLuZz0KFRo9fBBN8yzw-WREpBOrh-an0jMEPLb-ycULk8QhKbxtoX0NsKSCQyjDV2apluGp-qYktSiR1Kl__LXhKLrkeNDsH0Pj4bAJtjfLtHq969mNw5_M
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 13:23:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E64C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBMYWvhIv1irSdUdlF7FTAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1

43 B
766 B

23ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYwbKQ0AEwAQ&v=APEucNX8jxS-lyRy5e1iyM92jFm4TAp8pPHpDv2ooPvFGS3CRe-qZXTseFUqbmP7JLuZz0KFRo9fBBN8yzw-WREpBOrh-an0jMEPLb-ycULk8QhKbxtoX0NsKSCQyjDV2apluGp-qYktSiR1Kl__LXhKLrkeNDsH0Pj4bAJtjfLtHq969mNw5_M
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 13:23:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKKNtWhz4np9m_hM6CxzqKM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E64C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDhttl7q-RgEDcDwn4cgi0Q&google_cver=1

43 B
1 KB

31ms
30ms

Image
image/gif

185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDhttl7q-RgEDcDwn4cgi0Q&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYwbKQ0AEwAQ&v=APEucNX8jxS-lyRy5e1iyM92jFm4TAp8pPHpDv2ooPvFGS3CRe-qZXTseFUqbmP7JLuZz0KFRo9fBBN8yzw-WREpBOrh-an0jMEPLb-ycULk8QhKbxtoX0NsKSCQyjDV2apluGp-qYktSiR1Kl__LXhKLrkeNDsH0Pj4bAJtjfLtHq969mNw5_M

Protocol

HTTP/1.1

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 13:23:39 GMT
AN-X-Request-Uuid: c80afe86-9fca-4150-b660-4297ca277518
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDhttl7q-RgEDcDwn4cgi0Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E64C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDIxOTUzMjM4NDM2OTI2Nw%3D%3D

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDIxOTUzMjM4NDM2OTI2Nw%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 16 Mar 2023 13:23:39 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e9575758-d1d8-4764-8cf6-c58cb04eaff7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQxMDIxOTUzMjM4NDM2OTI2Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230314/r20110914/ Frame D299 28 KB
11 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230314/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzyRwSfeKavYIyC8uPiA31qPhSS8E24T7VOtaUHdJBcm852MA5gAUTq_yhJrImPhgEigrDjse7i0Ywos24vBABReX0vw&cry=1&dbm_d=AKAmf-AgDE_Zi6wjeMIpkvwWYKiBAQ6bzSl-YqvUMS-7PlrsUmHWKvBePLM8LA4hDyJBh_N_iazhpvBZwX6DbUO1ZD8opibqH7GaSpLJMx93CbVpYr34UjgABeGvGb4UVdgmK1BlXCIV4veATaFddCpnMPtPj9AAg974LUJ-VU9eNXPHRyV4gSC2wwKxUjyr7hlPst1-eeEf-lp3f6NzkDlp4fHRCLXIfIorDxsxHTCrFHHrzOMHQinFxQa--ShK7skLBeWHUF6Y-0SDzWey0Gda2jBgOA55Re9yq_D696i3llTlSzQ7jS4DnrVniK3KtaR3gmYnoaZzfGpVI9jbf3s_Ocrj0S9yOrFymYcYu36MB0r_Kb-L0Zjs7QoYZm5jDgFQ0Qj8ulO5r5YkY0KAzyRtFl5Jjh_xfmmMYODyCW-X8F6fWbdp2dU_VG3AdeHKOXiFz3IuzhCB7QIgpbqFWYSMvADNYZhIJPwMu_n2BvYJNI78pIrR2JPEFHcgkBugBJqfDW_Nb1lMuG1tAGNx05lYTrjgPAPKzcbdX_RTbs0_SjY94IPp13tKt7VKY_Cw3PRNCvmOqcHR6YQ5reMZ5FGdi2AwdKbGd50cLUjfpA0BgNskHoHP8x7nT-BUcYUc1gjZMN0Ly6OpqSkkxazTrv570qrhy-qDFbeN99IY4coMusKvlWzeFdFErxA6dHMP69nEb2vFKWEjP7L_aLuVLjXaJVfqblSjeSCmu2uQ2gkUEXb1qQPnaC2y0jPeYtsD2eMpXEmaWDssekPn0lfgCFiO-71SWG8u60iikRiab4rD10fwG_W954eu35hd3NEEe9KPZKbz9MpXccL1nPEIx0yspa2O4JIiuox5OMsSftA0h9dZBMOjq79f4cARZpqLMBNnpEEryBNcr_6Mv6dIGsAp0wCazVuAxirjCfyclbL-X6ItU4BFR2-kPh1rRNFUrTZb_QUsslUUBEuITxZzzHItOtZ6jNDTeZgu2j-NJPg8OdY7whGDrAsvRHQadaZDYj-islMZynq0s5jGpAQgAV1FVeyJ0cAhRUaioWkhPAy_Iy3NkZ5-MZAyIZfZXTrk_wwmsD0_ssCfLg9GmSu2YyBgwTgnKV7WCRMgUa8O_5WNb_jjFT78Bzg_Yp6VrBf-fcuXZ2sOlHrzPqH43kyLMLiSLWZ2qrl9O_C959YJP6wKJw8Sp03ksgNEeWJo0JQzJZF5hIabiANGq1hrMZ2Sw41guAnNyt9fUmZ-I2Nsou55yz-mfPIc4-oMM0CoSCUo20E_4eSnwKdnpFBgYjcYVvBG9zlBV5PNtS2OBCpAd69v5bEKbOKA3Jtr3zV8FAnahRtrjYB4ni7oiNcL7PKjbdausmGvROn31KE5-Zh7yEAUKdaW7Kul7VK9dYXnOPmjFb0Vj7u9YTCZEozZKKhtUZ4B9gOmWyGKRilUxDKKC9cGrrmPacHh4gkSZgWTUYOaK0UaKAHATnfDB6dZ08urNxsFKdKCu7Xd8u2yllA4ZDhYhip2Rpc36PcaLQ_zJqwocK7WCGuzlkmqGub_r1CPyMrVOM3biGELvUUmEH4Qn5sUSFxvRQeK2kBja9JmxnRgYDnQ_lj_xiG9TCksIqbHWCnhgF1l4EvuCtwFJzbansT5TiqVZ1MBRof1azdjiwqhPJM9jxnzHfMRWVqaLN8T5wMaXRM-LwzGZXh7V_L5EIcO2AbOgJDHmYSksj-8cJFf95Mz9LAPiadsLX_jmri9J4EjLuw2ZNTfeojHpwv6HeLMyA2XUg44cyCfFpbtERUdYhxa5wUo55R2q-3hpOj_KYkPXO9hgvSfp-YX9oFi0f6BB_uke2QfSWT7Ih_IeVRw9OEf94uAES0CI00tjVO3PnBT32yVFUBIHj4Uwc86VO55Ai8-rL5wn-rIg5v-iE7XA8KMwRakWh1oOKKF_NUy3qP4nr94k0YwVBhVJrgc-Me4-e7_TKwbO40WfbiVa5BqrrxVcFPJVv8fRNolmW6PZaWWgHwZeEBww975xS2KkpifGIgdNhRaq3rvXAB_xFahIWbMZxP7Bu62mMl_fvUui9WxrJ-tIX97-vbztP7ey3Qj1Q06MQ1_GM0BxSKJfQ0qeurDuhwV4VPR_DZbJvmE2bkk5Ko4hc2YWx_xCH6P6LDxLF5RouVACe9UpZ9xzTjoUs2a6vq6Ip_tYxPpVxtsr4Mnz1SR76XwBTZ0Jj_d77Z0ja-N5G3lmaFSrc0ij4IwiOxF8NBvf97BnBr7fgEE63AHXtlt-b6fCsduSjK2jRnCVHsxgZn8qXOT4kE2HFFhLf9y72VpZORpH1aWrBs8anovZp4OMGqSmLXQ5_G9PYpJXfUxdiekWVAH01HG5HB-5F4PElfeXotkQzuUilVrnTzYPe1mVdiovffXtq1RIRc71c-YUIutgoky7sgieveJLHv18S7RKE_KwvuAZstK_JlnCMfp4oJiRiN5L4f_DkvidNCJGhqy3U5uNqY1ZpriXAFzsUT_jfkwTzQLqK0x6b1gytCEfiDFhZBNmhS-TDdyP8SxubINX6wSzrqUs3UWKeTcWuTW3KOG80pKuuAX5W6jhCZS-n0-CGhEKMiDOfN7gWyqvZRZ-YkIAS3SEDCxYeozgluNfycM4H3bgq4XPqTVCzNlH5-w3Q3LdRXuyAdZZfTanDLZz3rt-4o6P6RDRxmYIbvT8ecyknqs01r1J5VpMsdjxwblD-v2HmaLPZ-oNE_o3FTmnBkEeC9RS4IZ7S7Bgh3MBn_5kdiaktnRRg_r2L27NRcvoRx-OWLVaZhVcKg2TVy1fio3QaVpWImwvns-JhZAhSPEQRoSoQV79hMApjBUWu4r-eGFx6uIjOOF1FxYQ7HghvcAF8mzcyNWp9SczJtBk5ki-ypQc3U6K7TgayK7-xhPPtOlovz6Fpl31IZ7Pnd0v1BvujzreSTvxuIxNOW_tM9KYkCgXwVVYexqwrt2MsscL7Wp2WRuNKDeH_g3bbsjOP3yqDMvdbjsugv2Oxg2YxKTfwBkVH1oT19crsQG-fKMgfzBQvtNf-OOrNzw-Th21BJ7qniVuUjyJ4IbhlkqtITDC_VytpjYe-IEmOucMQ0MGjV8s7tIHwC9rbNlSAuVIhbGvGi2ZMjbQc8nupKXDBENUFUBCiO6d3JSxcbXc2tnsutn5cvVzus_lKukp_JR0ENck_XcfdMPesBtZ8MMPYga808u5ZEQ-6uBAbXUeacd6idkSjyScm7Vbhoj5CGIQPgqKEU5g8kqUUE6b02rp_HDWe2w2ntcEfJHyXbe0IhvUjqWEVusYq8GXc-4kM8NbwmOHSsXYWBuc-WRn25e9lVG8-xS4DnOQjXqabg1WQLrSmMW74IPLKZakt2lafISraQybkG-jBtPsjvQWwQhqXDRdIu1UOGCpJ5oN3RAEtKbIMlDu1YHblk8Fxfct3IiVO3pru1VI8Eg-6pyHeVjMDG4UegaUVI-13a68JdeZirgusfsmMSYtbneM5TClfRlAu0tupW2AoUC3_bAGYgETh1Pigi5mJedae-1Y7TBBnWKqROzuox1Gw9bplk5_jIelcKASNjniXjeV7wJovo-HCSK6EDJ1S_8o31HLHHR_KUHDA&cid=CAQSSwDUE5ym_niQLntdJbHIcjcKpFmagZ8Esea_p0YrX9qq0w5FEG8WB6lolIReilr3kOoFCa2qoXlzmx91RQt9vt7uhMiWc9kIwjMBKxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.halqat.news%2F&ds=l&xdt=1&iif=1&cor=4398985395793032000&adk=943508955&idt=183&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3727bbba645c1b78bd9a4c551b680ba853bc89dfc1b452cc41b75b9ec3c112b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10957
x-xss-protection: 0
server: cafe
etag: 8900138052650900789
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:16:30 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230314/r20110914/elements/html/ Frame D299 11 KB
4 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230314/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4144ebe7750ce431762e797618a6b8c57cf6b173987519641fed9dfba7c56359

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4092
x-xss-protection: 0
server: cafe
etag: 18105782571274344576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:13:15 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D299 0
0 154ms
65ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssISKpe-5b3XScPtZjhuVp-YLCtPoAlgGvq_LTE3cuPYLf_PbK4Xy-tFWgPoESt6ngjdADMlc7BJgH1vwXDwrGcHedohny8N-VR2dDdxxdIw2ww1EG-LddIebCDRG8UCPZC2egCzHNC_nlBObwef7f_ocKZ8C6TDrhQqv0glHGKgobGVU4DPHhPKWLfiNsWOPvN14qHSZApQloQGb-4A5i7QZm5JlIaOF_qlJSFHLeYBNXEAXJOuQgMT3D9o6__o1AHs-KRhQNOF97gK0ZEiJQjTcSJedA9jqxgsCkwIOYO86EM8TieGmKjODc4XOnGmApfuF23BNGIMR6tXJw_NK9uJWplG3A3_gqYuN0b6kL2YLYFdVwLe8bVw6EHerTzsob07TpXJLmHDZgEGcOQM0BL8T8cCkLbF3IS-BmtbUXwOC1cCKEhh6W8OjhIgWVgWffyG_gey1BGEcXrMd-kP_kQzvO4Umibfa9XYDfbjRgBWbYT_mvfUueqVOrI9TvnQnjQwQT8qOBz5ntxYXCDYcz9EjZxnT_C2Tud2wCKsKxLJHrpyC5v8CGSjFMloGqomn9_CDbCVXxg-2fjL0N2jsipmOi_y0Y9SUf1Touwsyor3d9UC-12lThaPDw7bs1zVGflNSu3kF9MYXu5tIGj0g79LlIKbwa4SYmSThiBYqCZv2fzr7MNkFtBimDnTwipvbHcUhsJoU9V5Y5an2jW28m620_4DClfcD-gjwOHaNPdipXy-TynXfVv6aDUuVhhOsEkb2wCySWbBWVS-yqm-NlPfdyvLvRkSflmC4PwGHn43UZJLGqvt1Ip_cyaM1KPbd548hTpKAWF7NLEsXumxI_1KrO--doTgM-7xnGn9bcC6XVv2Mvv3i2uDs50G7xnZohVlGE6KUae6OR51FUIt1gsliHOypqASdCwzhVInw-XumrfsO5kXMVhrl5RQsTJl26vMCztzDd4BLKXpecIMJzX0bYaPtzSB5THn-HjI8igJpt1Ptu6Tgjp_o-g4ND91Gcdw9rFAlTjfKpAe_AhwmdnMWPROe_v7L5nfHMPX0RBxW2XDKtSVOPA5HhF9LlFq5XEjEKwGQgOt1Zun1t9VEU7rfCIcAMICKpSXbmXDU9CenBS4taihw49eBVsJN_XVgsy-VhUg_FktVGQQJl0Bl0e9ob8pHGBZcK2JnIt9_O2MqEggdQKeH109L4q6c3BHi1C0ITWxdCxsPmnnud9e2S88mQBVBBu1DnR7GlBxd8KAa4k11CwK4YNTRNVz4S_nKLrW4PZb51rgdHd5jfi0ftKVkBIyKE&sai=AMfl-YQGdHaVCgW0r5PAF33QPj9TPDaza3XeANa-_wU9GMxS1xF159Pw4PkWkpE1pB4JTPvVA-6KxWYGYd99OgwXBinUREXdadkN-IY5ldzbvk8UvI0bQSFuLFmYfWI9c6zaRMJczwsc43CUgegaSPvGphf3-iKNzy8ycUJDeTYeHs4H9CWaZiO3vhCEhA29hyTRr5eRWA2hvig1ne6T_42-uSfSwfeuar_xB9hjpn7_vUgV6IgDRiyV2YBfZs7bOLsm4hb5rCbj2j54uhXdDpLVsfNp51NLjv8HV_iiVHl6yUzGEMZ3uNy9bVvte0E&sig=Cg0ArKJSzH9Hw2lypSbYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230314.48973&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Mar 2023 13:23:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Mar 2023 13:23:39 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D299 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 06:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Mar 2024 06:47:03 GMT

GET
H2 200 892608194529460806
s0.2mdn.net/simgad/ Frame D299 15 KB
16 KB 97ms
20ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/892608194529460806

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c48c6f6366b529ea9d5e0abcc2edd45735e90af4e845fd429a0dcf3aad1ab833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:23:50 GMT
x-content-type-options: nosniff
age: 14389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15727
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 11:13:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Mar 2024 09:23:50 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CA71 0
20 B 59ms
58ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5803934120088&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CA71 0
20 B 60ms
59ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5803934120088&version=m202301230201&ct=76&x=1&cor=4151790939205341000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CA71 83 KB
35 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Atdzph7PAIIeUNJmm5_VNRh0QceKEk4f8-iTvLasqRZqAibA1SKpL0zyZpOLdiz3viXvbQXY-udKBEBWa11C1loKki2g&cry=1&dbm_d=AKAmf-DBnG0y2x1ejzP_gsiOp42K0AdpDgqpcPca59ckLzgBMAzY4C9An1p9gDiRQl0AjMBjhibLzB8qBLoLsC5wgCDXYllcvXLBaGyIyCcxAchtX0yxYpcZrooQpt7idomjScAOEL3HBE9wYv8nbtUZcpJ7mDqpkN_07MjufsOedCB7wnV4tX8gJVTL1oxF_mkcoIjY52iff8IyzvPvhuSr5pYJ19tu0rxx5eqUszHZSw8x9vxsZPKBaQnJsXLDnI0MXRLgxPB7Lv12AonMxwuOud9yR0nWmRhbeOJ4DsknLFG23nzafLmS-Jr0uZOIbkUzkOkoMmYhRmbNM2EzW9I8z8mKSpSqOXUb4q-pf4jmzK5pNRDH3Zxm0Rl1JDBB7D_MmOdOC7MrBQ1DY-U3_Vf2jsOt2zMmLttzi80B6tndt6xNa63LEkcle_HTMyWUNAhueOWN9dUU0doFRMInMELoYroCPeWUnkyGFl6POYXF-kiamZmLPAylWi7hJAjjU-rk2mzbBFVFrvpGOn3PUyLSsdszXR_wSJVXjvNGAv5vC3RLkCFvC-0Arhj8TRBycEwR5vZWlGpFd4kt2MzCwLIzYQAG4wSXurivGvOOfFmX8ifL1-oAtkrdwWsAVJnh8bPgZNckmXdCZMmzez8SaJpHQrPD5OWWKilfMVfdbJh_uYpGwMuIBUi_ZAEQzYB0s4l0EB03Q7whFoHY8qJx58A38aXDEcsZ-XMIobJd0HKugTVB3IVVwt7z3RGXwZMTHR5CDw9eh91j-g6ACEp-VJvaIRIl14qYp8Uox-HxS9r7kfCN0DyrHdeewAJTCe8niQewvoDvRbSG2k1kS17UDIaoO_a5kDw_41LqOyLVaZuDEiGxqYZkYh15UfM7mtz-Ov-nNAPamBeqkwPaMLIarhCztdfa3WSmDINrOLIame1it4t9l_aLsozN03OfCgkHp405Ful3Z7uo574W2oKgnjeC6_Ov9g5ZWVbCa3T3flAQzleB-_qrfDigbF0D5pr0IjCtONSelqaSHcw8D0Qyd1qRSFRu6YzhxQuYMasKllWXNpf_HH_Ek1g_jc8_FDu8iL3lGFWtBv2U-6A6YEeG-sM_MjoLB1dd3mVwMHrN94dYCMnWvPhfhZ_3ImKHn386S-_VYxPHNUyRaYB3xSx81TUduNOplbTaMQXtJfwPbULdJLlvjjzYaHAyJWlF40rwpt3n-k-simhpV-ob_Sp6piBEZP6qgezM4bFq_aWo51Epb2oHWkVSj6Gj7DDeCfNzIHyrW0paOD5ebHZw6HyZqRX1ISReB6kxwjqPmu19Sbooeii4_2sF61wBO06v2LKdpZjnywqExs260T_ePDgo4licoHoFTOhLl-_qNRekK7G4JVAN8XiqryhUE9ZKFeVR5qLjvo5feuAMhqDqBIa36DQjXCxhW970w7nHL9rGyPy5Ia003dqsrmxn62cTUyUhfNSzr6gG4DU6LGTQa8GVH2G_q_kRLkAkF5JDc_MlyYvC4W21j-D8l8pBYQrl0YhmjN02HpLrkh6YtrEBebGm8hCc-nB3FGv3wJ_0oEuxKGOUmm-hINnor19ETmEZuDA8eJRi4IQJbfgRH4wkew3-jsYDX0r8oPQJ5V_ABkGDMKKgZG5L4sP1x-7u5TYP1bVYmRwuxplkIB6ha0Pg9Rv8_HugwJffyKRuRNjXrBBlp7cjHosku6I4Ll_ywPagiX4y_8qlDxKwxxSc2-wdp6L5ULGc1NnOGZs_1SsEzgxR-MDqWbpSJ-bifSQIfrgti3XTP30PPhQ98cspHpmEXNpMUDo9ycqZXMsIyQWw60Wf3JrJ5rMc-ASarRbVTPVpe_aVoGi4AErBaorQ9ZnxXZQy2e8b3KDM3mFrvu-sh9lxGKkw5jUQiVd4VES__aI3tgJYTDzB4EjFBEB4rxIda6h5604new1OrO2pK1R7o8ooWSXTyioIvXyJd795FM00q36T5SCX6Kbf-3OHGYVI0KRAIXMc2uD6jZsYv-u2C3AwqwgErHmcA6tDYlI-8W8OzbHBfllRcTWieRsSh3cNIizuveZeyKPiYdgw1fbImQRtpnnPLJ0lCGvGLCAU-fJPKhy9igj0Epk8mp6bO-F6Woz4hu77fMgq-onJgcpp9SXgZNAlcXCSJwFkVTcCNIS1LqhFFY-_RPgsy7SmfA14W7WFrQ_LMWc9T9deEy-Oq-Hk9n_n3Z_f9IhVmxMfYRCkCcXDzXaxUQXObd7lvtrSKsBA5InWfZwfKJka54RLaQdzuZq8xxQL5nk9r0nOEsMC0zpPdDP22aZhV3AMgvPZONcvF3Ln-3-41MtIf4-53yZpxrmv3QXxpjvcbAlPbTdGuPiSajYpNY1i5H20UzZzL5aIvt7TO6vTfmNj3uNlaYOzlqTlNUTE8TtJxxqEfrN80khdyR3-WlEelya-fWX71GppCuHcp-BkXOfh0G0rgqeYRcifmkGeD7qf3Z_Nlt4BpYzAyps4hOWDbyvO8ltH1cDmMbvKMDQcIHKlY5Ivvbf6cK_mME9h42_v3H_QD_WdkXN8LA05CR1UTwIokLR0LLk9lGOjHcBdPAH88HZ1wKVCiQKJAWGT0v4G31qwsDq__mdJ48u27Z23Pdi53udRlcEGkf9EVVzyztF589cN7XF_HICYom8WU_LURXxecTg8LAKeo2XN8B3BKgOjnfec12C3STt-Y762MZaZ3SnCZSUeZjfvfKVCw_VizUuhf3u5Dp4tA5zi8W9o77efclBNwbuWVnnsMgmppFgrsI2rb8gz2tmaOGBKkrMw2QJUrR26it2LbihyWmf7K9iJxHck_VNdLKgiHVRGJADQew1uF3oRM4Q0E0yBZ3nCNy8yObvefhLVoMhsBlAe0yHFVdukXON-J6Roczhc6-e4h7wi5qpSXonSIlkrEnALpD5uFRbWgpkElVX1GgxBhPkFxM9LAFRIGwvWoP1iV0VcdAhWQ_twSop_AcYXtQIyia4zdZL-NC-Lg5tQfz0HgAkHHF98N0qC-Z3yb39dAUzl64HNjeHkrilJy4E0t50F9TYxb2jbvg7wcEfkYk07in7ZIqQWy9E_v8H1PF9dpcF1DjrGrE_PNH2FyNkwmMJZ1kWkQInDqHQQ7Vq2Q896ehSY1mMc7V8vEI_Fy_HizSOCbccKoyOM47s6Q4JM39FAgBG7iHi7rls_3kVF5BFNTtDS2R6tZhuOF0U4r2LBl5aY969ivlABASjCEuOcaIumBGZw-ixgds6GkdcPt_YPVSqgYKzyoSAoL24DRSGOu5ZKoH71pfJcU6zAjRssQMQtgFsRibm4cQf089vVc35yLJHOfZHjBUfujdf5YjakC3NxB-RZHaz7EJL4OWB5YzHtF7g2HOfBXOS4CmtdZA0fWQ_LXLK7ZcJK8upwGZ3S_qi5vsFdqFFLzc4tej2-dpUbSjzK7-e7a32q8i1sqqJwTZpHiN_2-kVv0MjZaiGBiCZbCbpPItwIteEqtmFGiUmBcEW6x0AzBFphasmEw0A3LHbAOSLeIu0AFM7FMyIT39cY_qNWJ_N-4x2nOj29vg0TRrW9PPtBAWnzHHLazWwigzMGjGYJmwUOwUlIWTha6ET_4XW3qRCpWxKbeA-mCYnRI3vtpA-XFk2fVVVVZ9FekloyeCIKNat69MhhtNZSj_iOvJdJJ1jpY7o3gzAfaHuTAcv-FWLZs09a5eUrMoA92fTs&cid=CAQSSwDUE5ymXMqvMFcmvX99pUXdMt07s7hdJ94QxdUpKFBQdcezpqPvljKa8JgjcBR_oF5_VeujmsrZOPWVnPASGRsDy-TEN8BgjsI5UBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.halqat.news%2F&ds=l&xdt=1&iif=1&cor=4151790939205341000&adk=2515327512&idt=107&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4561d9a2c945d738dbc97326ee6f5ba2f9ed8911499f2cdf312af26981f378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35991
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D299 202 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acf7eac535a0456e2c2a1499fcd26f683d9e3543ba8d5d2882a235b9452f6631

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7AA8 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 457653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 06:16:06 GMT
expires: Sun, 10 Mar 2024 06:16:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame CA71 106 KB
37 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
Origin: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 07:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Mar 2023 07:16:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230314/r20110914/elements/html/ Frame CA71 11 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230314/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Atdzph7PAIIeUNJmm5_VNRh0QceKEk4f8-iTvLasqRZqAibA1SKpL0zyZpOLdiz3viXvbQXY-udKBEBWa11C1loKki2g&cry=1&dbm_d=AKAmf-DBnG0y2x1ejzP_gsiOp42K0AdpDgqpcPca59ckLzgBMAzY4C9An1p9gDiRQl0AjMBjhibLzB8qBLoLsC5wgCDXYllcvXLBaGyIyCcxAchtX0yxYpcZrooQpt7idomjScAOEL3HBE9wYv8nbtUZcpJ7mDqpkN_07MjufsOedCB7wnV4tX8gJVTL1oxF_mkcoIjY52iff8IyzvPvhuSr5pYJ19tu0rxx5eqUszHZSw8x9vxsZPKBaQnJsXLDnI0MXRLgxPB7Lv12AonMxwuOud9yR0nWmRhbeOJ4DsknLFG23nzafLmS-Jr0uZOIbkUzkOkoMmYhRmbNM2EzW9I8z8mKSpSqOXUb4q-pf4jmzK5pNRDH3Zxm0Rl1JDBB7D_MmOdOC7MrBQ1DY-U3_Vf2jsOt2zMmLttzi80B6tndt6xNa63LEkcle_HTMyWUNAhueOWN9dUU0doFRMInMELoYroCPeWUnkyGFl6POYXF-kiamZmLPAylWi7hJAjjU-rk2mzbBFVFrvpGOn3PUyLSsdszXR_wSJVXjvNGAv5vC3RLkCFvC-0Arhj8TRBycEwR5vZWlGpFd4kt2MzCwLIzYQAG4wSXurivGvOOfFmX8ifL1-oAtkrdwWsAVJnh8bPgZNckmXdCZMmzez8SaJpHQrPD5OWWKilfMVfdbJh_uYpGwMuIBUi_ZAEQzYB0s4l0EB03Q7whFoHY8qJx58A38aXDEcsZ-XMIobJd0HKugTVB3IVVwt7z3RGXwZMTHR5CDw9eh91j-g6ACEp-VJvaIRIl14qYp8Uox-HxS9r7kfCN0DyrHdeewAJTCe8niQewvoDvRbSG2k1kS17UDIaoO_a5kDw_41LqOyLVaZuDEiGxqYZkYh15UfM7mtz-Ov-nNAPamBeqkwPaMLIarhCztdfa3WSmDINrOLIame1it4t9l_aLsozN03OfCgkHp405Ful3Z7uo574W2oKgnjeC6_Ov9g5ZWVbCa3T3flAQzleB-_qrfDigbF0D5pr0IjCtONSelqaSHcw8D0Qyd1qRSFRu6YzhxQuYMasKllWXNpf_HH_Ek1g_jc8_FDu8iL3lGFWtBv2U-6A6YEeG-sM_MjoLB1dd3mVwMHrN94dYCMnWvPhfhZ_3ImKHn386S-_VYxPHNUyRaYB3xSx81TUduNOplbTaMQXtJfwPbULdJLlvjjzYaHAyJWlF40rwpt3n-k-simhpV-ob_Sp6piBEZP6qgezM4bFq_aWo51Epb2oHWkVSj6Gj7DDeCfNzIHyrW0paOD5ebHZw6HyZqRX1ISReB6kxwjqPmu19Sbooeii4_2sF61wBO06v2LKdpZjnywqExs260T_ePDgo4licoHoFTOhLl-_qNRekK7G4JVAN8XiqryhUE9ZKFeVR5qLjvo5feuAMhqDqBIa36DQjXCxhW970w7nHL9rGyPy5Ia003dqsrmxn62cTUyUhfNSzr6gG4DU6LGTQa8GVH2G_q_kRLkAkF5JDc_MlyYvC4W21j-D8l8pBYQrl0YhmjN02HpLrkh6YtrEBebGm8hCc-nB3FGv3wJ_0oEuxKGOUmm-hINnor19ETmEZuDA8eJRi4IQJbfgRH4wkew3-jsYDX0r8oPQJ5V_ABkGDMKKgZG5L4sP1x-7u5TYP1bVYmRwuxplkIB6ha0Pg9Rv8_HugwJffyKRuRNjXrBBlp7cjHosku6I4Ll_ywPagiX4y_8qlDxKwxxSc2-wdp6L5ULGc1NnOGZs_1SsEzgxR-MDqWbpSJ-bifSQIfrgti3XTP30PPhQ98cspHpmEXNpMUDo9ycqZXMsIyQWw60Wf3JrJ5rMc-ASarRbVTPVpe_aVoGi4AErBaorQ9ZnxXZQy2e8b3KDM3mFrvu-sh9lxGKkw5jUQiVd4VES__aI3tgJYTDzB4EjFBEB4rxIda6h5604new1OrO2pK1R7o8ooWSXTyioIvXyJd795FM00q36T5SCX6Kbf-3OHGYVI0KRAIXMc2uD6jZsYv-u2C3AwqwgErHmcA6tDYlI-8W8OzbHBfllRcTWieRsSh3cNIizuveZeyKPiYdgw1fbImQRtpnnPLJ0lCGvGLCAU-fJPKhy9igj0Epk8mp6bO-F6Woz4hu77fMgq-onJgcpp9SXgZNAlcXCSJwFkVTcCNIS1LqhFFY-_RPgsy7SmfA14W7WFrQ_LMWc9T9deEy-Oq-Hk9n_n3Z_f9IhVmxMfYRCkCcXDzXaxUQXObd7lvtrSKsBA5InWfZwfKJka54RLaQdzuZq8xxQL5nk9r0nOEsMC0zpPdDP22aZhV3AMgvPZONcvF3Ln-3-41MtIf4-53yZpxrmv3QXxpjvcbAlPbTdGuPiSajYpNY1i5H20UzZzL5aIvt7TO6vTfmNj3uNlaYOzlqTlNUTE8TtJxxqEfrN80khdyR3-WlEelya-fWX71GppCuHcp-BkXOfh0G0rgqeYRcifmkGeD7qf3Z_Nlt4BpYzAyps4hOWDbyvO8ltH1cDmMbvKMDQcIHKlY5Ivvbf6cK_mME9h42_v3H_QD_WdkXN8LA05CR1UTwIokLR0LLk9lGOjHcBdPAH88HZ1wKVCiQKJAWGT0v4G31qwsDq__mdJ48u27Z23Pdi53udRlcEGkf9EVVzyztF589cN7XF_HICYom8WU_LURXxecTg8LAKeo2XN8B3BKgOjnfec12C3STt-Y762MZaZ3SnCZSUeZjfvfKVCw_VizUuhf3u5Dp4tA5zi8W9o77efclBNwbuWVnnsMgmppFgrsI2rb8gz2tmaOGBKkrMw2QJUrR26it2LbihyWmf7K9iJxHck_VNdLKgiHVRGJADQew1uF3oRM4Q0E0yBZ3nCNy8yObvefhLVoMhsBlAe0yHFVdukXON-J6Roczhc6-e4h7wi5qpSXonSIlkrEnALpD5uFRbWgpkElVX1GgxBhPkFxM9LAFRIGwvWoP1iV0VcdAhWQ_twSop_AcYXtQIyia4zdZL-NC-Lg5tQfz0HgAkHHF98N0qC-Z3yb39dAUzl64HNjeHkrilJy4E0t50F9TYxb2jbvg7wcEfkYk07in7ZIqQWy9E_v8H1PF9dpcF1DjrGrE_PNH2FyNkwmMJZ1kWkQInDqHQQ7Vq2Q896ehSY1mMc7V8vEI_Fy_HizSOCbccKoyOM47s6Q4JM39FAgBG7iHi7rls_3kVF5BFNTtDS2R6tZhuOF0U4r2LBl5aY969ivlABASjCEuOcaIumBGZw-ixgds6GkdcPt_YPVSqgYKzyoSAoL24DRSGOu5ZKoH71pfJcU6zAjRssQMQtgFsRibm4cQf089vVc35yLJHOfZHjBUfujdf5YjakC3NxB-RZHaz7EJL4OWB5YzHtF7g2HOfBXOS4CmtdZA0fWQ_LXLK7ZcJK8upwGZ3S_qi5vsFdqFFLzc4tej2-dpUbSjzK7-e7a32q8i1sqqJwTZpHiN_2-kVv0MjZaiGBiCZbCbpPItwIteEqtmFGiUmBcEW6x0AzBFphasmEw0A3LHbAOSLeIu0AFM7FMyIT39cY_qNWJ_N-4x2nOj29vg0TRrW9PPtBAWnzHHLazWwigzMGjGYJmwUOwUlIWTha6ET_4XW3qRCpWxKbeA-mCYnRI3vtpA-XFk2fVVVVZ9FekloyeCIKNat69MhhtNZSj_iOvJdJJ1jpY7o3gzAfaHuTAcv-FWLZs09a5eUrMoA92fTs&cid=CAQSSwDUE5ymXMqvMFcmvX99pUXdMt07s7hdJ94QxdUpKFBQdcezpqPvljKa8JgjcBR_oF5_VeujmsrZOPWVnPASGRsDy-TEN8BgjsI5UBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.halqat.news%2F&ds=l&xdt=1&iif=1&cor=4151790939205341000&adk=2515327512&idt=107&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4144ebe7750ce431762e797618a6b8c57cf6b173987519641fed9dfba7c56359

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4092
x-xss-protection: 0
server: cafe
etag: 18105782571274344576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:13:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230314/r20110914/ Frame CA71 28 KB
11 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230314/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3727bbba645c1b78bd9a4c551b680ba853bc89dfc1b452cc41b75b9ec3c112b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10957
x-xss-protection: 0
server: cafe
etag: 8900138052650900789
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 18:16:30 GMT

GET
H3 200 sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AA8 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:31:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 22:31:10 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D299 0
0 58ms
58ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssISKpe-5b3XScPtZjhuVp-YLCtPoAlgGvq_LTE3cuPYLf_PbK4Xy-tFWgPoESt6ngjdADMlc7BJgH1vwXDwrGcHedohny8N-VR2dDdxxdIw2ww1EG-LddIebCDRG8UCPZC2egCzHNC_nlBObwef7f_ocKZ8C6TDrhQqv0glHGKgobGVU4DPHhPKWLfiNsWOPvN14qHSZApQloQGb-4A5i7QZm5JlIaOF_qlJSFHLeYBNXEAXJOuQgMT3D9o6__o1AHs-KRhQNOF97gK0ZEiJQjTcSJedA9jqxgsCkwIOYO86EM8TieGmKjODc4XOnGmApfuF23BNGIMR6tXJw_NK9uJWplG3A3_gqYuN0b6kL2YLYFdVwLe8bVw6EHerTzsob07TpXJLmHDZgEGcOQM0BL8T8cCkLbF3IS-BmtbUXwOC1cCKEhh6W8OjhIgWVgWffyG_gey1BGEcXrMd-kP_kQzvO4Umibfa9XYDfbjRgBWbYT_mvfUueqVOrI9TvnQnjQwQT8qOBz5ntxYXCDYcz9EjZxnT_C2Tud2wCKsKxLJHrpyC5v8CGSjFMloGqomn9_CDbCVXxg-2fjL0N2jsipmOi_y0Y9SUf1Touwsyor3d9UC-12lThaPDw7bs1zVGflNSu3kF9MYXu5tIGj0g79LlIKbwa4SYmSThiBYqCZv2fzr7MNkFtBimDnTwipvbHcUhsJoU9V5Y5an2jW28m620_4DClfcD-gjwOHaNPdipXy-TynXfVv6aDUuVhhOsEkb2wCySWbBWVS-yqm-NlPfdyvLvRkSflmC4PwGHn43UZJLGqvt1Ip_cyaM1KPbd548hTpKAWF7NLEsXumxI_1KrO--doTgM-7xnGn9bcC6XVv2Mvv3i2uDs50G7xnZohVlGE6KUae6OR51FUIt1gsliHOypqASdCwzhVInw-XumrfsO5kXMVhrl5RQsTJl26vMCztzDd4BLKXpecIMJzX0bYaPtzSB5THn-HjI8igJpt1Ptu6Tgjp_o-g4ND91Gcdw9rFAlTjfKpAe_AhwmdnMWPROe_v7L5nfHMPX0RBxW2XDKtSVOPA5HhF9LlFq5XEjEKwGQgOt1Zun1t9VEU7rfCIcAMICKpSXbmXDU9CenBS4taihw49eBVsJN_XVgsy-VhUg_FktVGQQJl0Bl0e9ob8pHGBZcK2JnIt9_O2MqEggdQKeH109L4q6c3BHi1C0ITWxdCxsPmnnud9e2S88mQBVBBu1DnR7GlBxd8KAa4k11CwK4YNTRNVz4S_nKLrW4PZb51rgdHd5jfi0ftKVkBIyKE&sai=AMfl-YQGdHaVCgW0r5PAF33QPj9TPDaza3XeANa-_wU9GMxS1xF159Pw4PkWkpE1pB4JTPvVA-6KxWYGYd99OgwXBinUREXdadkN-IY5ldzbvk8UvI0bQSFuLFmYfWI9c6zaRMJczwsc43CUgegaSPvGphf3-iKNzy8ycUJDeTYeHs4H9CWaZiO3vhCEhA29hyTRr5eRWA2hvig1ne6T_42-uSfSwfeuar_xB9hjpn7_vUgV6IgDRiyV2YBfZs7bOLsm4hb5rCbj2j54uhXdDpLVsfNp51NLjv8HV_iiVHl6yUzGEMZ3uNy9bVvte0E&sig=Cg0ArKJSzH9Hw2lypSbYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=106&vt=11&dtpt=104&dett=2&cstd=0&cisv=r20230314.48973&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Mar 2023 13:23:39 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CA71 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 06:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Mar 2024 06:47:03 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5B69 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 457653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 06:16:06 GMT
expires: Sun, 10 Mar 2024 06:16:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/5426868114681039537/ Frame 2710 97 KB
24 KB 21ms
21ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5426868114681039537/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ff6b6ddcfe1ec382c5edd89d2c2b6328cd8a83aab101b83cdd916e6152ab60b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 29821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 24370
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 05:06:38 GMT
expires: Fri, 15 Mar 2024 05:06:38 GMT
last-modified: Wed, 21 Dec 2022 09:32:34 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CA71 0
0 64ms
63ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvv-jH7RLnb1iCz1544Srsp_grx82zxKhB9s46NxJ8YEhhkO82JRfhKKmmDgmDS0pYhoPgPXDyXKf2Dgy7sOY68TYMh1Zte0UpDn1zGkZ2TrwISS3AOAx8lwMYyvSBQG7rqUZB4pTNEuL-InnXq9WMDzfKph2rwRFYJsTPDocPYzOlBebRr0SivgrpngOItxPxHUokg0Q8ZClTs_UiPVaJ3v9MNvxAX0oy9PL3DnGHnOYP-bB_SkMF-l5-EkJqdMu0Jg_oqRiIepkb9vf49XYv_-LcNxD9Gwq5PFBCT7WeGaeG3ki3ElDXQk3eM0Z-pSSSlDfdBcCJTyXjJf3zuZOslCH4sYv0kJjgQ8iLlG54jS3PWImRqns74mZ7ko2xXxtt2ViAPbr-q2R5p_bnzsKuL2S8QrYSot-Fb6v3qdt3E0OGHX4MGsu7Kt6SBpYiUAqbkfp-fCVhPsrgETMdbvYJumQ5upnHWQjdihg2kXTHTsAAGlQdyNY0xyS7Z9u-GM8wPseavKs0iu2rZNGdEJTwoGqxjUsqD9VFIxu75OOVyQmmeuXOGfFdhnhgteN8ybrU-8s_Nn0Ezc26iFvdMvzD8SC8p_As7ivfkEcEyS--QUkC0uom_bFojI9zzCySCo8QnrvfZRWzTNx7PCjX861LAG3qMAYsIoH11dObI8I7Q-PqL9BXZr2o76i8_zfBe4PKdXps9uMgHM2V9Y0pm4M5PhrEkl0qFtfr7Hk-pfN3pwO1Cw7GjNbyCqPwBGyFThUC5kxP6DEs_vMLt9GeqHkGrdPoNNC8rvxyb-hiKmaBhRFT53h6AvHr5w78qa9707TRD87Nd05fYpKDkFznaYhF_nnfKvu2VlGpW-rYw8OIjUo6m8WwNmvCD_9RIelmazrWg7i874ZtWjeJHv77Q7Vnczb5g1HlgnLhQyOPdn9N713Lak26AoeIcEGtQgJBGROaTzshUcW-fOBPTo7t7A5JH-ZYGlrMt_HYCNshrMuUmctnoeWPFLvhGlKEu0Ag7a8gAsHNjM2EHDbTBwf_cKGx0iF0rAFaFh-HWBKm3fcVT_ynlIsNgEMU8BQxRXx-wmtElaiTYFqn7NqPScPQz35pPMKAwb2yNMOe6O3d9Fjajxaa8nQsJR0ut5mdNL5oGlxlxyJcvdIszcxQD5CUzMIyrmFFu05XDa1vEc20u7OE6FMhxqeO5ZDr4u9s7GcbV5-bjt6DSHgH1asx8tgbbFqsUyI4KtDXEz7LhUP9mkI6AItIynrGxYDg&sai=AMfl-YR-3hRV16UlcAhiKpaCRg8Nbw8NLXuBGekH7lSl0rZGoezjxYliZZ7OnTmlKGz2-QDPYiHPcENw_rEGEXZE3W2pC2BfYZUwlcvlhEIvPIXFrv8vXxaAFNgs_xym-ZYwqWXIFHHKC8RR8U6VhXQrNoWwu-Xe2kurxRfGDBeJ0348qs0vopMPGCoZUfAvnQJuykrxSfs3e4DIGf0cS_kc_6xkq6daO8oI4kVsZxkkcGSyF5jrGFZUTDT7CrheWRrZUjxpDbE5gQGs6VIWLIXzVNiw5hUYqVH4&sig=Cg0ArKJSzGkb9uLa8z4QEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=136&cbvp=1&cstd=133&cisv=r20230314.84947&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Mar 2023 13:23:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Mar 2023 13:23:39 GMT

GET
H2

200

/
track.adform.net/adfserve/ Frame CA71
Redirect Chain

https://track.adform.net/adfserve/?bn=60060210;1x1inv=1;srctype=3;ord=3313071101
https://track.adform.net/adfserve/?CC=1&bn=60060210;1x1inv=1;srctype=3;ord=3313071101

35 B
518 B

33ms
33ms

Image
image/gif

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/adfserve/?CC=1&bn=60060210;1x1inv=1;srctype=3;ord=3313071101

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=60060210;1x1inv=1;srctype=3;ord=3313071101
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3 200 sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B69 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sArRvrN6I189drjF6Of_TQ6Xi_0Jr1YUSK6Bd2dnyeI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:31:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14292
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 22:31:10 GMT

GET
H2 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2710 29 KB
10 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5426868114681039537/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5426868114681039537/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 05:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Mar 2023 05:53:58 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AA8 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BaP8ZWxgTZM_cAfC39u8Pwf-csAIAAAAAOAHgBAI&bg=!wsGlwZXNAAZKh9k7aoc7ADkAdvg8WuLMNmdg_sP_4h5XgDch1wFHT6ba-KqCn93hHV05BTh1gmnMU9jDrxAT3LjvGZsNTvlCu6UCAAAAgFIAAAADaAEHCgB3YtoF0tm-L3HiPQlh8L1EgH1UJC9KS8tVBMj5Jwfl21DfUcJIZX5qEIvSiwrV7rgpNJYQFUwkmVrChcxSeFQEtEvBPMxpo1o5lgHTAy43h7NPJ4Ck7mwpbUgJrI_1yQAlKVf92aOqPYcnuMDzfre7azT3hkVqMQaZAvN9PkCzvSV526EoIicHMgRoBTx3Mi4io2KX6gM3NozK10M4j0l5VznzumAvX-C-jl7d1bd0nP-iKnHZ2MuLZzJ5oOkI8X6OaZELQ89lJQJYc0A_oJJBN6V9U652PLkqHjBtKg8SwPaCry-MSFOcDfxoAQoWN9QII2YQT_Ncf6h9QFqmuRTyVXEB7iL7-lSpdNDXMV0bVFzXwNOB0PhRDSTzIu_pthc2FJt8loVp_PDKtqsUrjbay8Kq47UAGVgST10tnvBirrxyxyipoJYkn4neUNtPfvnVy3VQBlLTEus4l1k6NYmcUPxCETGXG8D94qWJTC0cRyARIhkYKrdL_V0Bn19ckczfPUi26uNFsR1dscmT7e2294l-861-R6sLXTXpsoKe2dI1JV0AuOaIQVDiGfT5zwBQfdPIjBe5xqVQi8Pd2sdj6xcZjc61rdO4GJOS8DzFuugPto8yc1E0wrXz2vo-C__StihW4sNJYS3zqeVA5blVltYE-t11MmclAxkpKwbiTf1HX4ZZO2MGbhB80_ekvuWs2mxY5SvoCH09xpPERTqN9Arw9g8GQpaP7Tz9AAvPNYzx1NZCryKBL7GIDm-EqXAcS5YX9CZVh-OfNzCjySFp5fxIwRO7aJidKyPlJFZUHb905e1tr5KlrdcLkRdiMDxPvbFcbRhV_aE44FHR6sie_psA8KKonxtfXN2QXcUhFUYrxzpL2oAFJuemajebb6uTDjRITRfCIf7VSSGqhgrvzMNSbqTAqt8jLnEry2jseIgD8Wbg6cLx57Y2P2FsX3aIxrsU17BhDaXVNsFjyvOCHENecG4EopCOHDxfGVZ9aC-C5CJu9OJerROm5WXjNw8pNPZzRAdjNtF8scPekkOqOPzshhKFcDBuK_kCDY8vNOSJKgG9ECXYHrIYmzXUxIwLykq_9p7sS7s_QJvFQ1UvaZ7b1wImf0vXY4JemjVF6Am5zi9gJ925KDgyS2pNeNRSyAWJizslnXruloH9fA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CA71 0
0 59ms
59ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvv-jH7RLnb1iCz1544Srsp_grx82zxKhB9s46NxJ8YEhhkO82JRfhKKmmDgmDS0pYhoPgPXDyXKf2Dgy7sOY68TYMh1Zte0UpDn1zGkZ2TrwISS3AOAx8lwMYyvSBQG7rqUZB4pTNEuL-InnXq9WMDzfKph2rwRFYJsTPDocPYzOlBebRr0SivgrpngOItxPxHUokg0Q8ZClTs_UiPVaJ3v9MNvxAX0oy9PL3DnGHnOYP-bB_SkMF-l5-EkJqdMu0Jg_oqRiIepkb9vf49XYv_-LcNxD9Gwq5PFBCT7WeGaeG3ki3ElDXQk3eM0Z-pSSSlDfdBcCJTyXjJf3zuZOslCH4sYv0kJjgQ8iLlG54jS3PWImRqns74mZ7ko2xXxtt2ViAPbr-q2R5p_bnzsKuL2S8QrYSot-Fb6v3qdt3E0OGHX4MGsu7Kt6SBpYiUAqbkfp-fCVhPsrgETMdbvYJumQ5upnHWQjdihg2kXTHTsAAGlQdyNY0xyS7Z9u-GM8wPseavKs0iu2rZNGdEJTwoGqxjUsqD9VFIxu75OOVyQmmeuXOGfFdhnhgteN8ybrU-8s_Nn0Ezc26iFvdMvzD8SC8p_As7ivfkEcEyS--QUkC0uom_bFojI9zzCySCo8QnrvfZRWzTNx7PCjX861LAG3qMAYsIoH11dObI8I7Q-PqL9BXZr2o76i8_zfBe4PKdXps9uMgHM2V9Y0pm4M5PhrEkl0qFtfr7Hk-pfN3pwO1Cw7GjNbyCqPwBGyFThUC5kxP6DEs_vMLt9GeqHkGrdPoNNC8rvxyb-hiKmaBhRFT53h6AvHr5w78qa9707TRD87Nd05fYpKDkFznaYhF_nnfKvu2VlGpW-rYw8OIjUo6m8WwNmvCD_9RIelmazrWg7i874ZtWjeJHv77Q7Vnczb5g1HlgnLhQyOPdn9N713Lak26AoeIcEGtQgJBGROaTzshUcW-fOBPTo7t7A5JH-ZYGlrMt_HYCNshrMuUmctnoeWPFLvhGlKEu0Ag7a8gAsHNjM2EHDbTBwf_cKGx0iF0rAFaFh-HWBKm3fcVT_ynlIsNgEMU8BQxRXx-wmtElaiTYFqn7NqPScPQz35pPMKAwb2yNMOe6O3d9Fjajxaa8nQsJR0ut5mdNL5oGlxlxyJcvdIszcxQD5CUzMIyrmFFu05XDa1vEc20u7OE6FMhxqeO5ZDr4u9s7GcbV5-bjt6DSHgH1asx8tgbbFqsUyI4KtDXEz7LhUP9mkI6AItIynrGxYDg&sai=AMfl-YR-3hRV16UlcAhiKpaCRg8Nbw8NLXuBGekH7lSl0rZGoezjxYliZZ7OnTmlKGz2-QDPYiHPcENw_rEGEXZE3W2pC2BfYZUwlcvlhEIvPIXFrv8vXxaAFNgs_xym-ZYwqWXIFHHKC8RR8U6VhXQrNoWwu-Xe2kurxRfGDBeJ0348qs0vopMPGCoZUfAvnQJuykrxSfs3e4DIGf0cS_kc_6xkq6daO8oI4kVsZxkkcGSyF5jrGFZUTDT7CrheWRrZUjxpDbE5gQGs6VIWLIXzVNiw5hUYqVH4&sig=Cg0ArKJSzGkb9uLa8z4QEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=234&vt=11&dtpt=98&dett=3&cstd=133&cisv=r20230314.84947&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Mar 2023 13:23:39 GMT

GET
H3 200 cta-hover.svg
s0.2mdn.net/sadbundle/5426868114681039537/ Frame 2710 8 KB
3 KB 23ms
22ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5426868114681039537/cta-hover.svg

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4728a6993742acffc485390de9d33b722c478de74bb1e9dc5df28f439509b7a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5426868114681039537/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 05:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 548592
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2952
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 09:32:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Mar 2024 05:00:27 GMT

GET
H3 200 cta.svg
s0.2mdn.net/sadbundle/5426868114681039537/ Frame 2710 8 KB
3 KB 24ms
23ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5426868114681039537/cta.svg

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d483807c092a9cf0e40ac2c93986098556dca4548fbb56a7cf1e37984a7a7d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5426868114681039537/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597499
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2954
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 09:32:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Mar 2024 15:25:20 GMT

GET
H3 200 sh1.svg
s0.2mdn.net/sadbundle/5426868114681039537/ Frame 2710 6 KB
3 KB 24ms
23ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5426868114681039537/sh1.svg

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5bb207917862e6543bb8baaadb1d761993e19d30b3b8baf80784163085c4b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5426868114681039537/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 05:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 374944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2539
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 09:32:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Mar 2024 05:14:35 GMT

GET
H3 200 h1.svg
s0.2mdn.net/sadbundle/5426868114681039537/ Frame 2710 10 KB
4 KB 26ms
25ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5426868114681039537/h1.svg

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4f124f2703f988920f05ddfc7fc670eb977c60448f208b1e3d7b78d4d28d517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5426868114681039537/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 05:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3850
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 09:32:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Mar 2024 05:03:37 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/5426868114681039537/ Frame 2710 10 KB
4 KB 24ms
24ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5426868114681039537/logo.svg

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dcbd8a34ab7d7d3d457ce13529434ef9ff40e59b2848480d0c88b8ca730b748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5426868114681039537/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 05:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3870
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 09:32:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Mar 2024 05:03:37 GMT

GET
H3 200 bg-728x90.png
s0.2mdn.net/sadbundle/5426868114681039537/ Frame 2710 573 B
600 B 28ms
28ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5426868114681039537/bg-728x90.png

Requested by

Host: a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
URL: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c30c89772d494d7a3c219680500c41e4c021b04a9f261689aee5a47fb912a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5426868114681039537/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 10:13:46 GMT
x-content-type-options: nosniff
age: 11393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 573
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 09:32:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Mar 2024 10:13:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023030901&jk=3543975897320736&bg=!kpGlkcXNAAZKh9k7aoc7ADkAdvg8WphcfmotTNlQDl8yvUvE23F8sTx5R1HGPyN_9KIZ9wRDSestSvFxz4YsowD9S5OLbJj2UP8CAAAA8FIAAAAIaAEHmQKPPDdflSN_L7NGsCJhCQMgZx049Y59T334f_Yrw4tA16iUwVI4YOTuEPm86mMHmgmR01u0Y5l2HFUpXcy29O_fwBJK-Wsc7YX2ymrvNU7f10C2_0b-1oc0AvujjQNY6PB9hwqxG2ZEwGpuLYToVZvwmflX4CsM8ZTvRWMNhyPzYYpyi7Dr03M9SAO9bnWnaWnklwC9fskyZyyuLP9kXXaBiYoWoKl7sZl77jqBs5bGFsK2O3JzxeJwLRegyqwZU96aw0A8Y3hbyCh5t3puJPOS1YndCCRYQfhruUEN113DxrMujITqnyCLWUTKmC4XVH0GHGFdBKXaO4ATRz00vDRzLU1bAZw-O2Oru_RclqBFBxA56_efHzjjSNxYxoONZDknjy_3NBS1eTHuK1JSW5p6poj04KNJXA-yFagD2tIPe1-ubPZhOUQ52PQVC7uZ5iyTVOcxRt4gSo1FeI--ru417skYjp3Ppa0K2iJ1Yb02AfUfJBQwKY7_MIbqW6B4VWESnLsmO5hk10jbpeqyrncFs3RMrGFs3V5zddEHMUHQK_Qy-i_Y2XRs6BkNZW8fUG5zKeGhCJ4OEF4MmQcaMMSNKCnVv1gnZkhrk0BioDQ3vMWyn3Y0adcvLFTcRcaHwdz79n1z1Bd-Ijj-NetX-OaOd1JZUuCp-KAda_dhK8rAA8HTNhmH-CVKu8-boLt4dE49n2th15MZ2EOD1-jWkXbF6yymlNnlYg-khPuFd8wAQ0e_1MRX6cKJWZACLJeirGfLNEWlDEh2tRJ_L6qVoBd4zwHhbb4tAx1-le6Rdu6jDD1fyMm4ZXpt08KbMhOdf-1vcmXE-CW7ND7nqamJpK40EnKiNdkbPgvJ1LnOP-VbIw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.halqat.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B69 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9kP1WxgTZJT9BtSnx_APpOC0yAwAAAAAOAHgBAI&bg=!MTKlMmbNAAZKh9k7aoc7ADkAdvg8WszbLOWQlnMaOnfmi2PJkJqkLIKNCbRzHKbiwy2dy3YKzj9CZnza8LqkBpTgIbOPOgDAfpgCAAAAelIAAAADaAEHCgAOoNRX8o_kk4rqr5pq11SZAzQdyXy3yzwU1_6-4ejQzyluEPtQiPPuC2l70H0pajXLXT2T36rP_mSzgZxBaXRXjcKIiIFpszG93NCFiPuJHkxcfPkcCS2rc5twxfckdfzLShW1sB-Rt_jS1UdHXhSottkHoBqzVl7G-18oJG2_Ai1R9X5MNobhEejx5XwzH75GJ58M1OmSI5f-S3aRu51EmvbD8QDJ0dQK6r7RGgYUs8nTlVsPUSozg1hikwkaSDIBRzGLwnOf67SVacis4xyUMYuAwcGcZGtWx0SX21oelFf7O9sqxSkST25ey-fUVp7TUhsCAyHYkl1lxf1W52kW9HpZT585Zkrb3-2XzkE85tgUZNt3e719KGvgFg2YytfwUXQUAFVz_ZWnKW9rtJqm-OUFQHzGPm81WK_BWsi9XryacJ0ZfuJ1s4MF-6fRneS9ByGzL6xS6pVU9DicHGi43uZKIAa1vHDNzMdjYtkor9Fsx69N3CHRKzFx6-B-klRoVD_rzi1VOS2m_BZ5WksK5NyexN71YGpBpwDn80596JR9FtRhu6hyr7y6BXkHvIIGMe8yY5TlRoJRxE-cbinMhq_bpta16nPKRy9ZpxsWEwr-IszLuNqyZIqObwUsIvzLhKbdMUPKMZajyiKVVrkHe4efWjcOBqk8ZDtqe_GQMPEF-4nkxhLzEZqJqjwYVGM1oUDvK_0YZWYgLk8eSOWPb-2Jc4pWUOSxZP-z7nwaasnWVeChyyukmt_Yh9OZYERC1QQlmltvqPWuxXtoDiqKNLk1eR78l1nZnaGz8aaY6M4Zh8mPUq9AUpBRnGGPX1hsq3yTw_6yZNl87NOrrMN4QZa14amwuuGMs7fVeRQB2YvPHnpdT5uZpxNvErOZyTYssB8UdMNxhlat7wmNTCvttxU1JQIFOK0uzWjn2tPfI8dI_YWIEtw0BJuibEqZI34Rp8SXYefJ9TxsL1h2n2G-juhDYvHRCNsMssqU6dpxhrbDo-ctICIGpOQ1SUDg0ykoKpAZvefuE_PXFRDlNWNU1KX-dI8zMcQly4-4Irt75zx6bhoajJcMI9NVrpbzGEXUqc8dRcU2_5vG-gbJPA48u6vqVMQy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame 01D5 1 KB
737 B 149ms
41ms XHR
application/json 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1678973018405-943813335787-001192-003-003148%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 79adcf5d728d216874b367b40d662ba0d00c67de3c6a921a91a6233e59c7da9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Mar 2023 13:23:39 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 79353
x-77-nzt: AcO1qhGmFNb/+TUBAA
x-accel-expires: @1679930466
last-modified: Thu, 09 Feb 2023 09:51:05 GMT
server: CDN77-Turbo
etag: W/"63e4c209-42e"
x-77-nzt-ray: 4c1562241bdaf5a45b181364079a3c32
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 01D5 0
239 B 91ms
22ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=1&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 01D5 43 B
350 B 91ms
37ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:39 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: gapon5teuiclfrpl7p5ig334mvj0joct

GET
H2 200 sync
x.bidswitch.net/ Frame 01D5 43 B
145 B 22ms
22ms Image
image/gif 3.65.209.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.209.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-209-188.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 13:23:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D299 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9478367381824&version=m202301230201&ct=76&x=1&cor=4398985395793032000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D299 42 B
174 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZ-hURvs6DMJk739EVUGnvRJuCTN2LQjtVTqav4pqD5vWFdQ8Oq02KvdhZt7_0r7HDNL7mGusKJrlKzv_MUExwwUU4fGoluc21VKYbQXG6GHm7uvx-clkWPMikeVdcvOya_iXsLg&sai=AMfl-YTEctRcb6TjIBIjXY3N8LpbB3AH-20XOCZfWr6W2A0BiMx21-u9tK5bSnFUkodH9sG5jhkHn1nQ6hPtMay1dL6pRO535lJfHuJvPA9qW_7vPZho-U8PVZjPzN8pVAPr1DWyr4MgzN86_W-S&sig=Cg0ArKJSzDrKgTa_1mw3EAE&cid=CAQSSwDUE5ym_niQLntdJbHIcjcKpFmagZ8Esea_p0YrX9qq0w5FEG8WB6lolIReilr3kOoFCa2qoXlzmx91RQt9vt7uhMiWc9kIwjMBKxgB&id=lidar2&mcvt=1011&p=1110,436,1200,1164&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=152591927&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678973018683&rpt=506&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CA71 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5803934120088&version=m202301230201&ct=76&x=1&cor=4151790939205341000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 13:23:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookiesyncendpoint Show response
servs.modoro360.com/ Frame 01D5 0
235 B 316ms
316ms Document
text/plain 52.86.99.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1678973018405-943813335787-001192-003-003148&key=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1678973018405-943813335787-001192-003-003148%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.99.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-99-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 16 Mar 2023 13:23:42 GMT

POST
H2 200 track
track1.aniview.com/ Frame B967 0
94 B 362ms
115ms Ping
text/plain 54.82.181.0

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.halqat.news&rs=www.halqat.news&sid=56455&t=1678973018&cip=217.114.218.28&sn=&tgt=0&osv=10&bv=111.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=60095c900c0799791c46d8d4&test=&d64=71cf994af45c2c0fc11d27930371931d&d63=71cf994af45c2c0fc11d27930371931d&aafaid=&proto=https&uid=1678973018405-943813335787-001192-003-003148&cha=0.7&stagid=624d76f0c470237a604a78c5&stplid=60bceb5ae580aa6950275314&d35=&d36=6.2.89&cb=57266611581&d39=&d65=Floor&d66=&apppkg=&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=420&AV_HEIGHT=236
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=60095c900c0799791c46d8d4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.181.0 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.halqat.news/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 16 Mar 2023 13:23:43 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
URL: https://us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/?gdpr=1&gdpr_consent=&us_privacy=1---&coppa=0&puid=1678973018405-943813335787-001192-003-003148&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D57%26auid%3D1678973018405-943813335787-001192-003-003148%26key%3D%24%7BUID%7D

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.modoro360.com/	1970-01-20 10:51:41	Name: aniC Value:
.csync.loopme.me/	1970-01-20 12:35:21	Name: viewer_token Value: e0f1aff4-88c8-4415-869d-210ace899bf2
.360yield.com/	1970-01-20 12:32:29	Name: tuuid Value: 8ef4cfdc-b14c-4751-b882-fc930d8f2d6d
.360yield.com/	1970-01-20 12:32:29	Name: tuuid_lu Value: 1678973018
.ads.stickyadstv.com/	1970-01-20 11:06:05	Name: UID Value: c3662b2b82681c6b624c48aad232b14
.ads.stickyadstv.com/	1969-12-31 23:59:59	Name: pxId Value: 1953
.doubleclick.net/	1970-01-20 19:44:29	Name: IDE Value: AHWqTUkm5jyFcnULwHLP16cAuknDRWq0R-8GsJlypNsAs633_UJp2rDguLXoSq1r
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 7eff09f3461e0db9
.technoratimedia.com/	1970-01-20 19:58:53	Name: tads_uid Value: GDPR
.halqat.news/	1970-01-20 19:44:29	Name: __gads Value: ID=545cdd683e32c37a:T=1678973017:S=ALNI_MbJhrLmTIycfJT4Bp5sjLTGPuXkJg
.halqat.news/	1970-01-20 19:44:29	Name: __gpi Value: UID=00000bed493773d1:T=1678973017:RT=1678973017:S=ALNI_Ma20G8zFvJ55arFQfdaMntYEBc7Lg
.doubleclick.net/	1970-01-20 10:22:56	Name: DSID Value: NO_DATA
.modoro360.com/	1970-01-20 10:37:17	Name: 1_C_200 Value: OPTOUT
servs.modoro360.com/	1970-01-20 10:37:17	Name: 1_C_200 Value: OPTOUT
.modoro360.com/	1970-01-20 10:37:17	Name: 1_C_56 Value: e0f1aff4-88c8-4415-869d-210ace899bf2
servs.modoro360.com/	1970-01-20 10:37:17	Name: 1_C_56 Value: e0f1aff4-88c8-4415-869d-210ace899bf2
.modoro360.com/	1970-01-20 10:37:17	Name: 1_C_22 Value: 8ef4cfdc-b14c-4751-b882-fc930d8f2d6d
servs.modoro360.com/	1970-01-20 10:37:17	Name: 1_C_22 Value: 8ef4cfdc-b14c-4751-b882-fc930d8f2d6d
.modoro360.com/	1970-01-20 10:37:17	Name: 1_C_10 Value: ajQezX06W0OE
servs.modoro360.com/	1970-01-20 10:37:17	Name: 1_C_10 Value: ajQezX06W0OE
.casalemedia.com/	1970-01-20 19:08:29	Name: CMID Value: ZBMYWvhIv1irSdUdlF7FTAAA
.casalemedia.com/	1970-01-20 12:32:29	Name: CMPS Value: 1112
.casalemedia.com/	1970-01-20 12:32:29	Name: CMPRO Value: 1112
.adnxs.com/	1970-01-20 12:32:29	Name: uuid2 Value: 6410219532384369267
.adnxs.com/	1970-01-20 12:32:29	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVTnNeGS!]tbPl1M>e)ZlrFUfJ+tGXxo7:W046Lk.TazWO3=9r.$IiJXOX^XvF/:cG3If)y3KL9D3I?+G1QiS:
.aniview.com/	1970-01-20 10:37:17	Name: 1_C_9 Value: c3662b2b82681c6b624c48aad232b14
sync.aniview.com/	1970-01-20 10:37:17	Name: 1_C_9 Value: c3662b2b82681c6b624c48aad232b14
.adform.net/	1970-01-20 11:07:27	Name: C Value: 1
.adform.net/	1970-01-20 11:49:13	Name: uid Value: 178397690677498891
.modoro360.com/	1970-01-20 10:37:17	Name: 1_C_133 Value: a6f37f0123013099a595be2217fc435a
servs.modoro360.com/	1970-01-20 10:37:17	Name: 1_C_133 Value: a6f37f0123013099a595be2217fc435a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a11d860c95e6036c7ad329cf125f7ca8.safeframe.googlesyndication.com
ad.360yield.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bh.contextweb.com
cm.g.doubleclick.net
content1.avplayer.com
csync.loopme.me
dsum-sec.casalemedia.com
eus.rubiconproject.com
feed.avplayer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
jscdn.greeter.me
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
rtb.openx.net
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
serv.modoro360.com
servs.modoro360.com
servt.modoro360.com
storage.de.cloud.ovh.net
sync.1rx.io
sync.aniview.com
sync.technoratimedia.com
tg1.modoro360.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track1.aniview.com
ups.analytics.yahoo.com
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
vid.vidoomy.com
vpaid.vidoomy.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.halqat.news
x.bidswitch.net
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
104.126.125.209
141.95.4.196
142.250.185.162
172.217.16.194
185.80.39.216
185.89.211.132
198.148.27.139
198.47.127.19
2.16.238.19
205.185.216.10
213.19.147.45
23.35.236.201
23.56.202.187
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:4700:3037::ac43:ccfb
2a00:1450:4001:800::2003
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::2006
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a02:26f0:3500:c::5c7b:680c
2a02:6ea0:c700::19
3.65.209.188
3.71.149.231
35.214.223.115
35.227.252.103
37.157.4.24
51.89.9.252
52.200.140.242
52.208.99.252
52.86.99.111
54.164.120.100
54.196.150.187
54.82.181.0
69.16.175.10
69.16.175.42
69.173.144.138
69.173.144.165
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c30c89772d494d7a3c219680500c41e4c021b04a9f261689aee5a47fb912a4
1df77d25ad442175f7c9f0507229cd9de201ea493a7b2a6b3ca2ec363073ad26
1fd1e7c1f102c491fcbcbe53eca8601df80663b293b8ef8d8683b9da0d3587e1
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
28eaacdfa5ee23061edff4657bea922696eef87e0be98e6cd4332261e2dfa619
2940fc3e4be1c44c42429926fd8144235bee8fde8e590386bc0b8900482b82d2
2c43ca796e2e5229c27046c05140e5a122826f326ca56ee6c1972fc2f2a54d2a
2f4561d9a2c945d738dbc97326ee6f5ba2f9ed8911499f2cdf312af26981f378
30570c5435c39dc8f7da31fe7ea8dc3ba7329fed622a7051d3f60c53ef45fd05
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317f149045d69a8bf445de8bbd3ff61b2cc95da746998e97f4381dfe3326c7f7
3232f4b385e743d3c5e3b029401e2d48bb595c24593404eea2f8ea943891b7e5
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
363181158af4b1671b7f8e4f9c20a71ea0526b26617436fb4f78a0283049af63
3727bbba645c1b78bd9a4c551b680ba853bc89dfc1b452cc41b75b9ec3c112b7
38539fcb89fcd309cea7f213248a19a55a26087ae1e60517e4b6d7153b79f9a4
3cda23532dc110f0f4625ff794e1c3338b8989cd4861830ec54b303007688ff8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4144ebe7750ce431762e797618a6b8c57cf6b173987519641fed9dfba7c56359
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
41f2d67bc7d54d1fc7714c567d05bc33b34173e8088bd52d521d3e8f3b506c9e
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4728a6993742acffc485390de9d33b722c478de74bb1e9dc5df28f439509b7a6
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59d6f595f0d34a25a953468d0ce7b207d5404965820c55cb72aacce1e9859423
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fc814f76311281ae957d4e6df3a27c3ce41fb8f436311c147a1486c325af8f2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f1b690dba175604b0278cdaaeb9bebe75d6b57d5523f03f90d1a3da2913475
6dcbd8a34ab7d7d3d457ce13529434ef9ff40e59b2848480d0c88b8ca730b748
6ee3ee743e1fcf711173778e054eebd8e2cefeda6f5005dccee2b3cc77b3455d
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
79adcf5d728d216874b367b40d662ba0d00c67de3c6a921a91a6233e59c7da9c
7e9e84cfacbfd1f40751fb754c9ac00f8a49435e1829de0933dd02c1687fcc97
7ff6b6ddcfe1ec382c5edd89d2c2b6328cd8a83aab101b83cdd916e6152ab60b
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d4e15799ddd4956096d869393ae6e2b729dda804f2b8450fcb56de72b3f8ab5
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
99c9faa603219cebe987cc0d0262320ff6a927f5cd9716d552ae12b597a4d5e0
9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a9161954861bb1fd7d5044d99f9ce04137b3836979ce8c5c75d224642f57c3f9
aaf5e3e49f2ae070d9195ddec81f3ee9046b220d9901579ec896759a9d924446
acf7eac535a0456e2c2a1499fcd26f683d9e3543ba8d5d2882a235b9452f6631
b00ad1beb37a235f3d76b8c5e8e7ff4d0e978bfd09af561448ae81776767c9e2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba82735185f3aecb4c6914ebe2f64367484cdda59273ca94152553b4ab54d226
bd395fae819f4844eaedeb0e08d622e9ef9a7a87acc3087ed2b7cf7d8c829e23
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c48c6f6366b529ea9d5e0abcc2edd45735e90af4e845fd429a0dcf3aad1ab833
c563ed27eb4d764c0fc7f7b74c5042ba1e6b1f4bfa9f4ffdbfb19a4b993af84b
cb843e505153522d6d0ed1f1c8bd73ce8aaef6c6974d8ad49af62583bfec38a8
cce1aee65b9f2093ba86119d6ef979fd5183c77b513a1f6c735e0cd56f951070
d04a9ebcf5396233d88fbd891e94070d6f9909f177c7f936e87a8022898dafff
d483807c092a9cf0e40ac2c93986098556dca4548fbb56a7cf1e37984a7a7d67
d4f124f2703f988920f05ddfc7fc670eb977c60448f208b1e3d7b78d4d28d517
d5bb207917862e6543bb8baaadb1d761993e19d30b3b8baf80784163085c4b0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ed77a3f8089f94902d2b9901e747f1bfb3df703c33b71f5b96adac7d33714aad
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ca256c2a497bf6cfce165bbbe64483719df33ad1c7ab2ce8b94b24f65c3b2f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

www.halqat.news Open in urlscan Pro 2606:4700:3037::ac43:ccfb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

93 %HTTPS

38 %IPv6

31 Domains

51 Subdomains

43 IPs

8 Countries

1225 kBTransfer

3539 kBSize

31 Cookies

0 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.halqat.news Open in urlscan Pro
2606:4700:3037::ac43:ccfb Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

93 %
HTTPS

38 %
IPv6

31
Domains

51
Subdomains

43
IPs

8
Countries

1225 kB
Transfer

3539 kB
Size

31
Cookies

139 HTTP transactions
5 data transactions