urlscan.io logo urlscan.io
SecurityTrails logo

newstral.com Open in urlscan Pro
138.201.137.196  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://newstral.de/
Effective URL: https://newstral.com/
Submission: On February 07 via manual from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 8 countries across 32 domains to perform 98 HTTP transactions. The main IP is 138.201.137.196, located in Germany and belongs to HETZNER-AS, DE. The main domain is newstral.com.
TLS certificate: Issued by R3 on December 19th 2020. Valid for: 3 months.
This is the only time newstral.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 138.201.137.196 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 151.101.13.44 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.194 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 151.101.14.110 54113 (FASTLY)
2 162.247.243.147 23467 (NEWRELIC-...)
2 2 18.158.93.70 16509 (AMAZON-02)
2 6 141.226.228.48 200478 (TABOOLA-AS)
1 69.173.144.138 26667 (RUBICONPR...)
1 2 198.148.27.139 19189 (PULSEPOINT)
1 185.33.221.90 29990 (ASN-APPNEX)
2 2 142.250.186.34 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 185.64.190.80 62713 (AS-PUBMATIC)
2 2 54.228.114.223 16509 (AMAZON-02)
1 2 216.52.2.39 30282 (AS-INAPCD...)
1 185.86.139.113 201081 (SMARTADSE...)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 18.195.155.181 16509 (AMAZON-02)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 1 172.104.64.149 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
1 141.226.224.32 200478 (TABOOLA-AS)
3 3 35.157.13.124 16509 (AMAZON-02)
1 1 35.210.239.72 19527 (GOOGLE-2)
8 199.232.137.44 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
98 33
19    138.201.137.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.137.201.138.clients.your-server.de
newstral.de
newstral.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
12    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
match.taboola.com
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.de
2    2606:4700::6811:1f5c (United States)

ASN13335 (CLOUDFLARENET, US)
widget.uservoice.com
by2.uservoice.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
3    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6e83410fdc7791b7bc4029de1bec63cc.safeframe.googlesyndication.com
6    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
1    151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.243.147 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam-cell.nr-data.net
2    18.158.93.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-93-70.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
6    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
sync-t1.taboola.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.33.221.90 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
7    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cm.g.doubleclick.net
www.googletagservices.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    54.228.114.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-114-223.eu-west-1.compute.amazonaws.com
match.adsrvr.org
2    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
1    185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    174.137.133.49 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    172.104.64.149 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1674-149.members.linode.com
s.c.appier.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
3    35.157.13.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-13-124.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    35.210.239.72 (Mountain View, United States)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
8    199.232.137.44 (United States)

ASN54113 (FASTLY, US)
images.taboola.com
5    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
27 taboola.com
cdn.taboola.com
trc.taboola.com
sync.taboola.com
match.taboola.com
sync-t1.taboola.com
cds.taboola.com
images.taboola.com
260 KB
18 newstral.com
newstral.com
503 KB
13 googlesyndication.com
6e83410fdc7791b7bc4029de1bec63cc.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
56 KB
12 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
153 KB
5 ampproject.org
cdn.ampproject.org
97 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 google.com
adservice.google.com
www.google.com
241 B
3 gstatic.com
fonts.gstatic.com
35 KB
3 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
85 KB
2 lijit.com
ce.lijit.com
1018 B
2 adsrvr.org
match.adsrvr.org
915 B
2 contextweb.com
bh.contextweb.com
828 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 nr-data.net
bam-cell.nr-data.net
1 KB
2 uservoice.com
widget.uservoice.com
by2.uservoice.com
21 KB
2 googletagservices.com
www.googletagservices.com
47 KB
1 metadsp.co.uk
u.ipw.metadsp.co.uk
256 B
1 bttrack.com
bttrack.com
380 B
1 appier.net
s.c.appier.net
362 B
1 criteo.com
dis.criteo.com
525 B
1 emxdgt.com
e1.emxdgt.com
124 B
1 adkernel.com
dsp.adkernel.com
233 B
1 smartadserver.com
rtb-csync.smartadserver.com
697 B
1 pubmatic.com
simage2.pubmatic.com
1009 B
1 adnxs.com
ib.adnxs.com
692 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 newrelic.com
js-agent.newrelic.com
11 KB
1 google.de
adservice.google.de
169 B
1 google-analytics.com
www.google-analytics.com
849 B
1 newstral.de
newstral.de
196 B
0 tapad.com Failed
pixel.tapad.com Failed
0 twimg.com Failed
widgets.twimg.com Failed
98 32
Domain Requested by
18 newstral.com newstral.com
8 images.taboola.com newstral.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
newstral.com
tpc.googlesyndication.com
6 cdn.taboola.com newstral.com
cdn.taboola.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 trc.taboola.com cdn.taboola.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects
4 sync.taboola.com 2 redirects
4 stats.g.doubleclick.net newstral.com
3 x.bidswitch.net 3 redirects
3 6e83410fdc7791b7bc4029de1bec63cc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
newstral.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.google.com 1 redirects newstral.com
2 sync-t1.taboola.com
2 ce.lijit.com 1 redirects
2 match.adsrvr.org 2 redirects
2 bh.contextweb.com 1 redirects
2 rtb.mfadsrvr.com 2 redirects
2 bam-cell.nr-data.net js-agent.newrelic.com
2 www.googletagservices.com newstral.com
securepubads.g.doubleclick.net
2 ajax.googleapis.com newstral.com
1 googleads.g.doubleclick.net newstral.com
1 u.ipw.metadsp.co.uk 1 redirects
1 cds.taboola.com
1 bttrack.com
1 s.c.appier.net 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com
1 dsp.adkernel.com
1 rtb-csync.smartadserver.com
1 simage2.pubmatic.com
1 ib.adnxs.com
1 pixel.rubiconproject.com
1 match.taboola.com
1 by2.uservoice.com widget.uservoice.com
1 js-agent.newrelic.com newstral.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.google-analytics.com stats.g.doubleclick.net
1 widget.uservoice.com newstral.com
1 fonts.googleapis.com newstral.com
1 newstral.de 1 redirects
0 pixel.tapad.com Failed
0 widgets.twimg.com Failed newstral.com
98 46
Subject Issuer Validity Valid
dnnd.de
R3		 2020-12-19 -
2021-03-19		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
uservoice.com
Cloudflare Inc ECC CA-3		 2020-06-26 -
2021-06-26		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-12-28 -
2021-05-07		 4 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2019-03-19 -
2021-04-13		 2 years crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://newstral.com/
Frame ID: 929BC996E271E0373881EB97B9D8E018
Requests: 64 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0d5b6917-6e02-4e76-83fb-c8029445fa57&tbid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&query=taboola_hm%3D0d5b6917-6e02-4e76-83fb-c8029445fa57&isDirect=0
Frame ID: C923098A2BBA906921CCB740BD2E4562
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 4967DBFCF08038E4ABB568A811D4CE4D
Requests: 13 HTTP requests in this frame

Frame: https://6e83410fdc7791b7bc4029de1bec63cc.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 3D0218F08C07A15C0B392A0276F838D6
Requests: 1 HTTP requests in this frame

Frame: https://6e83410fdc7791b7bc4029de1bec63cc.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: DD90A5A5DAD98EC1D15086B7FB457161
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: DEA94E73B2D3A520C77C65C02A1DAAF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://newstral.de/ HTTP 301
    https://newstral.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

98
Requests

98 %
HTTPS

38 %
IPv6

32
Domains

46
Subdomains

33
IPs

8
Countries

1270 kB
Transfer

3211 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://newstral.de/ HTTP 301
    https://newstral.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0d5b6917-6e02-4e76-83fb-c8029445fa57 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0d5b6917-6e02-4e76-83fb-c8029445fa57&tbid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&query=taboola_hm%3D0d5b6917-6e02-4e76-83fb-c8029445fa57&isDirect=0
Request Chain 48
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=upOwROR6BxKp&ev=1&orig=trc&pid=562107
Request Chain 50
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBm-FxyyrIbWeXN72RotptI&google_cver=1
Request Chain 52
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&google_tc=
Request Chain 53
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e70cf4eb-4e4b-4bbf-8e62-cc5ae104284b
Request Chain 54
  • https://ce.lijit.com/merge?pid=42&3pid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 59
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=b9fcec6d-8e16-4724-82db-da144cb5f21a
Request Chain 60
  • https://id5-sync.com/s/464/9.gif?puid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOE2YxYC-Cjl5Ry4IQYLvrl8kTzDI9ZMFciPx5_Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOE2YxYC-Cjl5Ry4IQYLvrl8kTzDI9ZMFciPx5_Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=ae373852-6fcc-4852-aa92-a6c0df3c9451&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEDuwZvl-4q7W-p9i3nQh-5M&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDuwZvl-4q7W-p9i3nQh-5M&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEDuwZvl-4q7W-p9i3nQh-5M%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1134878718735768552&opid=apx&ops=&utidl=tech:goo:CAESEDuwZvl-4q7W-p9i3nQh-5M&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A11151523259&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/4/4.gif?puid=beff360d2836f7fcc1291ff11341c167&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/101/3/5.gif?puid=dc67eb0c-39ee-46a7-8e79-993d557cb467&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 61
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ZqcCvSvxC9-90UUyl7IfYA
Request Chain 64
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=b3e88cc3-8e89-42e3-9097-5a1ed0a8d16d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=b3e88cc3-8e89-42e3-9097-5a1ed0a8d16d HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b3e88cc3-8e89-42e3-9097-5a1ed0a8d16d
Request Chain 91
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

98 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newstral.com/
Redirect Chain
  • http://newstral.de/
  • https://newstral.com/
171 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 / Phusion Passenger 5.0.30
Resource Hash
83c87b0d5959419a7d9a1924b0307766d9423dd62d450b356a29a0040bcda58e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
newstral.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx/1.10.1
date
Sun, 07 Feb 2021 09:27:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Accept-Encoding
status
200 OK
x-request-id
c13df0be-02c2-475e-afd0-e0d316ffee3e
cache-control
no-cache, no-store, must-revalidate
x-runtime
0.187758
pragma
no-cache
expires
0
set-cookie
wildcard_guest=BAhsKwe9OxBG--3931ab797370e4eeed7cc10a4363c33d2956500b; domain=.newstral.com; path=/; expires=Thu, 07 Feb 2041 09:27:49 -0000 this_visit=2021-02-07+10%3A27%3A49+%2B0100; domain=.newstral.com; path=/; expires=Mon, 07 Feb 2022 09:27:49 -0000 _newstral_session=ejRDMkhqVzN4T1JGK2Jvekg3aWUwL0dia3NBWGhzYVZCUUQvSUlTa2VEOFhWM1MwK05nNUg0Tm52eXM5Y1IxaFdxMCsyMFBqcy8wMFBFbUxSZ2hoTzhCT1V1OVA4bW9uNjNZT2RqZTVYZk4yU3h6aEFhaHhCeEVYd0p4K2RVNTdoZUZ0c0g5UmNMWlJKV2FKbVpkUFVLdWkzNFBRSThGWll1SC9WWEQ1UDBzRjk2VUkzUG9maW00TmpJWEFxbHNObG9wN2Y0SmdaV08rUytUSC8yNSt2SVdPcUZGdFJ6VFFlSk5WNjA2aVRQVT0tLWx1eUJKZStBNmVDdXdFVmkwdWZQZ2c9PQ%3D%3D--086279cedb4599389142e276f75fdeadb90ab943; domain=.newstral.com; path=/; HttpOnly
x-powered-by
Phusion Passenger 5.0.30
strict-transport-security
max-age=15768000
content-encoding
gzip

Redirect headers

Server
nginx/1.10.1
Date
Sun, 07 Feb 2021 09:27:49 GMT
Content-Type
text/html
Content-Length
185
Connection
keep-alive
Location
https://newstral.com/
css
fonts.googleapis.com/ 		1 KB
479 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans:400,700|Droid+Serif
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e281c8b217c70047b73ba00f2c9f3885ea5ebc2025493f72ac6266df1c44b5d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Feb 2021 09:27:49 GMT
server
ESF
date
Sun, 07 Feb 2021 09:27:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Feb 2021 09:27:49 GMT
application_desktop_web-6371cecfe9bee7ec1e9d9b310168532f1ba0fbf3a8dbe0a52b972577d8e662bd.css
newstral.com/assets/ 		425 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newstral.com/assets/application_desktop_web-6371cecfe9bee7ec1e9d9b310168532f1ba0fbf3a8dbe0a52b972577d8e662bd.css
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
6371cecfe9bee7ec1e9d9b310168532f1ba0fbf3a8dbe0a52b972577d8e662bd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:49 GMT
content-encoding
gzip
last-modified
Mon, 15 May 2017 05:59:10 GMT
server
nginx/1.10.1
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
strict-transport-security
max-age=15768000
expires
Thu, 23 Dec 2021 08:20:43 GMT
dummy-1ec9785808a9fa83fdeb0f05acb6886bf97adc60b80406fd4a61211dd01e1af7.png
newstral.com/assets/ 		968 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstral.com/assets/dummy-1ec9785808a9fa83fdeb0f05acb6886bf97adc60b80406fd4a61211dd01e1af7.png
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
1ec9785808a9fa83fdeb0f05acb6886bf97adc60b80406fd4a61211dd01e1af7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:49 GMT
last-modified
Wed, 03 Aug 2016 13:05:53 GMT
server
nginx/1.10.1
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
968
expires
Sun, 26 Sep 2021 14:30:30 GMT
6_normal_1529233317.jpg
newstral.com/source-images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstral.com/source-images/6_normal_1529233317.jpg
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
a8df692c8334a3b165e439b2da118dbffaa6f0f7f30c3fde9bbeacf9e8ed050a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:49 GMT
last-modified
Sun, 17 Jun 2018 11:01:57 GMT
server
nginx/1.10.1
strict-transport-security
max-age=15768000
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2111
expires
Wed, 16 Jun 2021 11:02:46 GMT
9_normal_1529233336.jpg
newstral.com/source-images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstral.com/source-images/9_normal_1529233336.jpg
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
69a9d4fb40dbea08b6d0352dc9e50fcde28e4918cb9d181987929a29e68ca37b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:49 GMT
last-modified
Sun, 17 Jun 2018 11:02:16 GMT
server
nginx/1.10.1
strict-transport-security
max-age=15768000
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1731
expires
Wed, 16 Jun 2021 11:02:46 GMT
7_normal_1529233323.jpeg
newstral.com/source-images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstral.com/source-images/7_normal_1529233323.jpeg
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
9b496f6af74a2f360ef712d02b63d29e20f2e3e1a5975004ead6a3674dfe457a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:49 GMT
last-modified
Sun, 17 Jun 2018 11:02:03 GMT
server
nginx/1.10.1
strict-transport-security
max-age=15768000
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1427
expires
Wed, 16 Jun 2021 11:02:46 GMT
10_normal_1529233342.jpg
newstral.com/source-images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstral.com/source-images/10_normal_1529233342.jpg
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
15c6d92851a3493d2346a3c93c7f8a2c62c04a3531dfdf2aed81055f0c261a3c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:49 GMT
last-modified
Sun, 17 Jun 2018 11:02:22 GMT
server
nginx/1.10.1
strict-transport-security
max-age=15768000
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1883
expires
Wed, 16 Jun 2021 11:02:46 GMT
13_normal_1529233355.png
newstral.com/source-images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstral.com/source-images/13_normal_1529233355.png
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
0683f27c0749c374c50308408bd1ac23c9d23031ef6a1090fc9a1156983a09e3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:49 GMT
last-modified
Sun, 17 Jun 2018 11:02:36 GMT
server
nginx/1.10.1
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
7190
expires
Wed, 16 Jun 2021 11:03:13 GMT
15_normal_1529233368.jpg
newstral.com/source-images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstral.com/source-images/15_normal_1529233368.jpg
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
a05357b13e36ae360acfe4d84a2848eee119362ef123d50c1f5badc3e0d7e55f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:49 GMT
last-modified
Sun, 17 Jun 2018 11:02:48 GMT
server
nginx/1.10.1
strict-transport-security
max-age=15768000
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1807
expires
Wed, 16 Jun 2021 11:02:59 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 05:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14744
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Feb 2022 05:22:05 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.8.21/ 		198 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.21/jquery-ui.min.js
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ca12fe083d6e9ac3432b0e05680d5c8fbfa0d0814f861bcf90dee5b9bad3853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 15:35:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150711
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52004
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Feb 2022 15:35:58 GMT
application_desktop_web-049f2b6d27aacbbcde1d18c6a93f5570018f478998a217523f304a1e31cc490f.js
newstral.com/assets/ 		323 KB
324 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newstral.com/assets/application_desktop_web-049f2b6d27aacbbcde1d18c6a93f5570018f478998a217523f304a1e31cc490f.js
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
049f2b6d27aacbbcde1d18c6a93f5570018f478998a217523f304a1e31cc490f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:49 GMT
last-modified
Sun, 22 Nov 2020 08:12:25 GMT
server
nginx/1.10.1
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
331032
expires
Mon, 22 Nov 2021 08:14:01 GMT
widget.js
widgets.twimg.com/j/2/ 		0
0
loader.js
cdn.taboola.com/libtrc/newstralcom-network/ 		192 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/newstralcom-network/loader.js
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
672150d1240a9fbb8eb85df57d7290720fdc311e2464a6531fa955e23fac8056

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
GwuWA6_mxmhRrN4eu4Tzmo868USatDyN
content-encoding
gzip
etag
"f1e3684e5b8b28eaebf1b0bc5ddf25cc"
age
5
x-cache
HIT
content-length
24181
x-amz-id-2
yItyHa4txUoJOCXZ1tz2dvImDhmHmEmYjwl7KVS4hTlMNLYjvKmQEstXk6Mr4fh/9EK8iYuEJ2w=
x-served-by
cache-fra19164-FRA
last-modified
Mon, 01 Feb 2021 12:29:57 GMT
server
AmazonS3
x-timer
S1612690070.933489,VS0,VE1
date
Sun, 07 Feb 2021 09:27:49 GMT
vary
Accept-Encoding
x-amz-request-id
CD83F1876F46E918
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
60
x-cache-hits
1
SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
fonts.gstatic.com/s/droidsans/v12/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:400,700|Droid+Serif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newstral.com
Referer
https://fonts.googleapis.com/css?family=Droid+Sans:400,700|Droid+Serif
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 05:55:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Feb 2020 02:00:07 GMT
server
sffe
age
444730
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11236
x-xss-protection
0
expires
Wed, 02 Feb 2022 05:55:39 GMT
SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2
fonts.gstatic.com/s/droidsans/v12/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:400,700|Droid+Serif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newstral.com
Referer
https://fonts.googleapis.com/css?family=Droid+Sans:400,700|Droid+Serif
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 05:54:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Feb 2020 02:52:18 GMT
server
sffe
age
444795
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11396
x-xss-protection
0
expires
Wed, 02 Feb 2022 05:54:34 GMT
tDbI2oqRg1oM3QBjjcaDkOr9rAXWGQyH.woff2
fonts.gstatic.com/s/droidserif/v13/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidserif/v13/tDbI2oqRg1oM3QBjjcaDkOr9rAXWGQyH.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:400,700|Droid+Serif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c91e2af7df1a9d8a403108592949a68b78ccbb50c38561aeb4cd1d107ebed276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newstral.com
Referer
https://fonts.googleapis.com/css?family=Droid+Sans:400,700|Droid+Serif
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 15:39:37 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:27 GMT
server
sffe
age
323292
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12560
x-xss-protection
0
expires
Thu, 03 Feb 2022 15:39:37 GMT
fontawesome-webfont-18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f.woff
newstral.com/assets/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newstral.com/assets/fontawesome-webfont-18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f.woff
Requested by
Host: newstral.com
URL: https://newstral.com/assets/application_desktop_web-6371cecfe9bee7ec1e9d9b310168532f1ba0fbf3a8dbe0a52b972577d8e662bd.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Origin
https://newstral.com
Referer
https://newstral.com/assets/application_desktop_web-6371cecfe9bee7ec1e9d9b310168532f1ba0fbf3a8dbe0a52b972577d8e662bd.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:49 GMT
last-modified
Sat, 06 Aug 2016 00:17:57 GMT
server
nginx/1.10.1
strict-transport-security
max-age=15768000
content-type
application/font-woff
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
43572
expires
Sun, 26 Sep 2021 14:30:30 GMT
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: newstral.com
URL: https://newstral.com/assets/application_desktop_web-049f2b6d27aacbbcde1d18c6a93f5570018f478998a217523f304a1e31cc490f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3545
date
Sun, 07 Feb 2021 08:28:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Sun, 07 Feb 2021 10:28:45 GMT
gpt.js
www.googletagservices.com/tag/js/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: newstral.com
URL: https://newstral.com/assets/application_desktop_web-049f2b6d27aacbbcde1d18c6a93f5570018f478998a217523f304a1e31cc490f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c241340d584d42ac2b4c0cacacece9a7ab52d62319362ef9dc457fe42c83b0db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"776 / 88 of 1000 / last-modified: 1612566683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
19151
x-xss-protection
0
expires
Sun, 07 Feb 2021 09:27:50 GMT
AUNrLOWSzBMYnU682kqklw.js
widget.uservoice.com/ 		73 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.uservoice.com/AUNrLOWSzBMYnU682kqklw.js
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:1f5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
226b92672385808d3de1d634ad30806fef7cc28d0394940eb4afa5a209ab0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
110
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
5a83529a7418a58b5fdc7f1912061300
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"70198bcf0dfec587a575539720c851ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
cf-request-id
081d6ab2470000d7096bb1c000000001
cf-ray
61dc13ca0b28d709-FRA
expires
Sun, 07 Feb 2021 09:32:50 GMT
ajax-loader-squares-f3af0877f9e717544ecfa6d30db33401654224efe4053fe2df1512e2ed76c99a.gif
newstral.com/assets/loaders/ 		404 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstral.com/assets/loaders/ajax-loader-squares-f3af0877f9e717544ecfa6d30db33401654224efe4053fe2df1512e2ed76c99a.gif
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
f3af0877f9e717544ecfa6d30db33401654224efe4053fe2df1512e2ed76c99a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:50 GMT
last-modified
Wed, 03 Aug 2016 13:05:53 GMT
server
nginx/1.10.1
strict-transport-security
max-age=15768000
content-type
image/gif
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
404
expires
Sun, 26 Sep 2021 14:30:47 GMT
de-005705f46afd95fa9d1c7ec5e965bfdbae2d36f3fdded0286fa9728b6ab76e07.png
newstral.com/assets/flags/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstral.com/assets/flags/de-005705f46afd95fa9d1c7ec5e965bfdbae2d36f3fdded0286fa9728b6ab76e07.png
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
005705f46afd95fa9d1c7ec5e965bfdbae2d36f3fdded0286fa9728b6ab76e07
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:50 GMT
last-modified
Wed, 03 Aug 2016 13:05:53 GMT
server
nginx/1.10.1
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2820
expires
Sun, 26 Sep 2021 14:30:41 GMT
en-b9c00a8a491ca69bf13b9a6aa459a7a35ce7c6c821f7a4204c4d4fab47a0407b.png
newstral.com/assets/flags/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstral.com/assets/flags/en-b9c00a8a491ca69bf13b9a6aa459a7a35ce7c6c821f7a4204c4d4fab47a0407b.png
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
b9c00a8a491ca69bf13b9a6aa459a7a35ce7c6c821f7a4204c4d4fab47a0407b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:50 GMT
last-modified
Wed, 03 Aug 2016 13:05:53 GMT
server
nginx/1.10.1
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2829
expires
Sun, 26 Sep 2021 14:30:41 GMT
es-0944b9477df8a1490559edbdbe2471b00c46a6aea636375741b29300a719d655.png
newstral.com/assets/flags/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstral.com/assets/flags/es-0944b9477df8a1490559edbdbe2471b00c46a6aea636375741b29300a719d655.png
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
0944b9477df8a1490559edbdbe2471b00c46a6aea636375741b29300a719d655
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:50 GMT
last-modified
Wed, 03 Aug 2016 13:05:53 GMT
server
nginx/1.10.1
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2931
expires
Sun, 26 Sep 2021 14:30:41 GMT
nl-5030cc991a2d5db19484dee64829fa74ee064ee7cb122225bea642aa54c065ce.png
newstral.com/assets/flags/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstral.com/assets/flags/nl-5030cc991a2d5db19484dee64829fa74ee064ee7cb122225bea642aa54c065ce.png
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
5030cc991a2d5db19484dee64829fa74ee064ee7cb122225bea642aa54c065ce
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:50 GMT
last-modified
Wed, 03 Aug 2016 13:05:53 GMT
server
nginx/1.10.1
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2812
expires
Sun, 26 Sep 2021 14:30:41 GMT
16_normal_1529233375.jpg
newstral.com/source-images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstral.com/source-images/16_normal_1529233375.jpg
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
17d772158edf5224b3bf68b80a3af5d81eae0b15f2e5020d5f1beffa126cc5d3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:50 GMT
last-modified
Sun, 17 Jun 2018 11:02:55 GMT
server
nginx/1.10.1
strict-transport-security
max-age=15768000
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2035
expires
Wed, 16 Jun 2021 11:03:44 GMT
8_normal_1529233330.png
newstral.com/source-images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstral.com/source-images/8_normal_1529233330.png
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.137.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.137.201.138.clients.your-server.de
Software
nginx/1.10.1 /
Resource Hash
5cb9fb31ab9fcb55ddc4b0df7164828ac9b37c6d41a545d48b2c831db99b1451
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:50 GMT
last-modified
Sun, 17 Jun 2018 11:02:10 GMT
server
nginx/1.10.1
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2339
expires
Wed, 16 Jun 2021 11:02:30 GMT
impl.20210201-3-RELEASE.js
cdn.taboola.com/libtrc/ 		461 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210201-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newstralcom-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a2252bdad795066b9fbeaa02ccec3a7352ffd19ffe77a3549a60188c921d13f5

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
msLZZkBKzXvo5fpHBODaKU8hxSUysK2A
content-encoding
br
etag
"d3ae6070e7c9aa710077d02780c9888d"
age
2379
x-cache
HIT
content-length
108570
x-amz-id-2
KNDYLUhFo/JrVbpmpltT93J8bvyn647XH18csR2rBcvyYrAy9u8efclq4uZBz4oSY0v9UBOMysg=
x-served-by
cache-fra19164-FRA
last-modified
Mon, 01 Feb 2021 08:44:35 GMT
server
AmazonS3-br
x-timer
S1612690070.239431,VS0,VE0
date
Sun, 07 Feb 2021 09:27:50 GMT
vary
Accept-Encoding
x-amz-request-id
996D2DE9F6854AC5
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
92
x-cache-hits
10857
inpage_linkid.js
www.google-analytics.com/plugins/ga/ 		1 KB
849 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ga/inpage_linkid.js
Requested by
Host: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
989a73eb9e9faa5bcf87eb500ba218549b0b1ef37dc53d9ac948b33010bd78da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 08:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1956
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
697
x-xss-protection
0
expires
Sun, 07 Feb 2021 09:55:14 GMT
pubads_impl_2021020201.js
securepubads.g.doubleclick.net/gpt/ 		288 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
1b1668ce69dfbad0061c6a679474c5e5f60b76aa219d51efc7d6d28097094c4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Feb 2021 09:38:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103509
x-xss-protection
0
expires
Sun, 07 Feb 2021 09:27:50 GMT
__utm.gif
stats.g.doubleclick.net/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1608739610&utmhn=newstral.com&utmt=event&utme=5(Scroll%20Depth*Percentage*Baseline)(1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Presse%C3%BCberblick%20-%20Newstral.com%20-%20Vergleichen%2C%20was%20die%20Presse%20schreibt&utmhid=92491995&utmr=-&utmp=%2F&utmht=1612690070264&utmac=UA-1505466-1&utmni=1&utmcc=__utma%3D264669456.1579545961.1612690070.1612690070.1612690070.1%3B%2B__utmz%3D264669456.1612690070.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=&utmu=4hQAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Feb 2021 00:35:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31962
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
__utm.gif
stats.g.doubleclick.net/r/ 		35 B
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=543666800&utmhn=newstral.com&utme=8(2!1_logged_in*4!1_has_favorites)9(2!no*4!no)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Presse%C3%BCberblick%20-%20Newstral.com%20-%20Vergleichen%2C%20was%20die%20Presse%20schreibt&utmhid=92491995&utmr=-&utmp=%2F&utmht=1612690070269&utmac=UA-1505466-1&utmcc=__utma%3D264669456.1579545961.1612690070.1612690070.1612690070.1%3B%2B__utmz%3D264669456.1612690070.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=1200066363&utmredir=3&utmu=6xQAAAAAAAAAAAAAAAAAAABE~
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 07 Feb 2021 09:27:50 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/newstralcom-network/trc/3/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newstralcom-network/trc/3/json?tim=10%3A27%3A50.345&lti=deflated&data=%7B%22id%22%3A318%2C%22ii%22%3A%22%2Fde%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1612182593496%2C%22vi%22%3A1612690070314%2C%22cv%22%3A%2220210201-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fnewstral.com%2Fde%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4272%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Right%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Right%20Thumbnails%22%2C%22cd%22%3A8%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fde%2CRight%20Right%20Thumbnails%3Dthumbnails-rr%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210201-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a651f71bd5726b4375b164b3c09b0b87d26230468981d6d2511d8ff0ead2b063

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
160
date
Sun, 07 Feb 2021 09:27:50 GMT
content-encoding
gzip
server
nginx
x-timer
S1612690070.359623,VS0,VE160
x-served-by
cache-fra19164-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://newstral.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
integrator.js
adservice.google.de/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newstral.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Feb 2021 09:27:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newstral.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Feb 2021 09:27:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		126 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2050672389862766&correlator=1971015989972720&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C21069919%2C21069971%2C21068766%2C21069803&vrg=2021020201&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210207&iu_parts=6722111%2Cnt_large_leaderboard%2Cleaderboard_panel_2%2Cundefined&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%2C728x90%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1612690070&dt=1612690070395&dlt=1612690069822&idt=550&frm=20&biw=1600&bih=1200&oid=3&adxs=140%2C261%2C261&adys=28%2C1558%2C2665&adks=4171062558%2C1235111045%2C3071270125&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewstral.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x108%7C728x108%7C728x108&msz=970x90%7C728x90%7C728x90&ga_vid=36694779.1612690070&ga_sid=1612690070&ga_hid=92491995&fws=0%2C0%2C0&ohw=0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
0060feaf2ce46b637773d552d76e49dc7316889e303a1b802b40fa7f2828d9ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31221
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newstral.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6e83410fdc7791b7bc4029de1bec63cc.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://6e83410fdc7791b7bc4029de1bec63cc.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
nr-1198.min.js
js-agent.newrelic.com/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1198.min.js
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:50 GMT
content-encoding
gzip
x-amz-request-id
8FBF058EA70ADB98
x-cache
HIT
content-length
10682
x-amz-id-2
dCyln7OIf+i76Bn+clBUl8tM3pNPIGXfyNRvPHz5ZLwhdSBkIMjzducUvcecQ4BFCTB8K4VSAVo=
x-served-by
cache-fra19157-FRA
last-modified
Fri, 29 Jan 2021 19:19:08 GMT
server
AmazonS3
x-timer
S1612690070.478668,VS0,VE0
etag
"59c98195ba35e0b45cbe2e5beebd1ac8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1414
track.js
by2.uservoice.com/t2/154675/web/ 		66 B
279 B 		Script
General
Check archive.org
Download Go to
Full URL
https://by2.uservoice.com/t2/154675/web/track.js?_=1612690070424&s=0&c=__uvSessionData0&d=eyJlIjp7InUiOiJodHRwczovL25ld3N0cmFsLmNvbS8iLCJyIjoiIn19
Requested by
Host: widget.uservoice.com
URL: https://widget.uservoice.com/AUNrLOWSzBMYnU682kqklw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:1f5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a07c99c3a37483d639d887bd003af4e623fe9edd09b36758e30da374225aba0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript; charset=utf-8
cache-control
no-cache, private
cf-ray
61dc13cc3e7cd709-FRA
cf-request-id
081d6ab3a40000d70965913000000001
expires
Sun, 07 Feb 2021 09:27:49 GMT
__utm.gif
stats.g.doubleclick.net/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=3&utmn=700438534&utmhn=newstral.com&utmt=event&utme=14(960*10*50*220*0*70*610*610)(968*10*51*228*7*76*611*611)8(2!1_logged_in*4!1_has_favorites)9(2!no*4!no)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Presse%C3%BCberblick%20-%20Newstral.com%20-%20Vergleichen%2C%20was%20die%20Presse%20schreibt&utmhid=92491995&utmr=-&utmp=%2F&utmht=1612690070440&utmac=UA-1505466-1&utmcc=__utma%3D264669456.1579545961.1612690070.1612690070.1612690070.1%3B%2B__utmz%3D264669456.1612690070.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=&utmu=6xQAAAAAAAAAAAAAAAAAAABE~
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Feb 2021 00:35:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31962
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
5ae5ee799e
bam-cell.nr-data.net/1/ 		57 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/5ae5ee799e?a=2167107&v=1198.fe6ec20&to=dwxbQEBdD19XE04VUVgAWllXHRNBVxISPUZRFVxRRQ%3D%3D&rst=1042&ck=1&ref=https://newstral.com/&ap=187&be=389&fe=968&dc=611&perf=%7B%22timing%22:%7B%22of%22:1612690069453,%22n%22:0,%22f%22:76,%22dn%22:77,%22dne%22:87,%22c%22:87,%22s%22:99,%22ce%22:138,%22rq%22:138,%22rp%22:366,%22rpe%22:373,%22dl%22:369,%22di%22:611,%22ds%22:611,%22de%22:743,%22dc%22:968,%22l%22:968,%22le%22:988%7D,%22navigation%22:%7B%7D%7D&fp=534&fcp=534&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1198.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 07 Feb 2021 09:27:50 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
CF-Ray
61dc13ccdb2e0c79-AMS
cf-request-id
081d6ab40c00000c79d5828000000001
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210201-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f5bb95acb874540892e54308a57b742c972dd7208d2cfd36b78b24304414b17

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Gt9ONOOl6w1gx932ZPf3bX04EcW5suyt
content-encoding
gzip
etag
"67898628be9318ac53d0bf0f1ca789e2"
age
28632
x-cache
HIT
x-amz-replication-status
PENDING
content-length
3488
x-amz-id-2
DiPrZdxcqxqdMOeMjRaiiHfDfL37bEULzjDFCl4ZYrpPCCvJtjGmzWCfMtrVUpsto9+4+ePFunc=
x-served-by
cache-fra19164-FRA
last-modified
Thu, 04 Feb 2021 09:30:25 GMT
server
AmazonS3
x-timer
S1612690071.551826,VS0,VE0
date
Sun, 07 Feb 2021 09:27:50 GMT
vary
Accept-Encoding
x-amz-request-id
1C2EEFC81BCCEF4C
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
92
x-cache-hits
280646
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210201-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
488cac4f6ae3ffb05a7d88faeeba725526e1add78089d5a292fae1fd3db24718

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
kC8TO7GWq__3vebjKGnqxi6zn5.LmmLP
content-encoding
gzip
etag
"482da88cc0dc68ca822b427c66b502cf"
age
28609
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
749
x-amz-id-2
mo6pCn03KN9hmBLBIzig2aOoBGllSTOa3IYSmy9nCVLBVkhd0DpjSF0OC/3XXU9e1BF+ta0d4Uc=
x-served-by
cache-fra19164-FRA
last-modified
Thu, 04 Feb 2021 09:30:24 GMT
server
AmazonS3
x-timer
S1612690071.551823,VS0,VE0
date
Sun, 07 Feb 2021 09:27:50 GMT
vary
Accept-Encoding
x-amz-request-id
AD4262B7FD5DF48B
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
92
x-cache-hits
266909
userx.20210201-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210201-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newstralcom-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84a8cde007334ea98b516068a756d6c9cfeec05f416337924184a92bc10cdc9e

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
4VteRSL70Phx3slD3_B_UEsfQihwE8dh
content-encoding
gzip
etag
"c4070cfec4be2ad221508d1b1db236b3"
age
5
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7878
x-amz-id-2
Hs0XqlPspkH+S/vz/tuHxIr8PCzrFI/WSK9eYrcSFKFIZcEpva5+3RmY9hQvTJVcb79myd1tF9g=
x-served-by
cache-fra19164-FRA
last-modified
Mon, 01 Feb 2021 08:48:24 GMT
server
AmazonS3
x-timer
S1612690071.570455,VS0,VE0
date
Sun, 07 Feb 2021 09:27:50 GMT
vary
Accept-Encoding
x-amz-request-id
931B7A6993FDA184
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
92
x-cache-hits
10
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame C923
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0d5b6917-6e02-4e76-83fb-c8029445fa57
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0d5b6917-6e02-4e76-83fb-c8029445fa57&tbid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&query=taboola_hm%3D0d5b6917-6e02-...
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0d5b6917-6e02-4e76-83fb-c8029445fa57&tbid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&query=taboola_hm%3D0d5b6917-6e02-4e76-83fb-c8029445fa57&isDirect=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:50 GMT
via
1.1 varnish
server
nginx
x-timer
S1612690071.734704,VS0,VE30
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19164-FRA

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0d5b6917-6e02-4e76-83fb-c8029445fa57&tbid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&query=taboola_hm%3D0d5b6917-6e02-4e76-83fb-c8029445fa57&isDirect=0
tbl-x-upstream
10.40.0.134:10213
date
Sun, 07 Feb 2021 09:27:50 GMT
server
nginx
x-fastly-to-nlb-rtt
1870
sync.php
pixel.rubiconproject.com/exchange/ Frame C923 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame C923
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=upOwROR6BxKp&ev=1&orig=trc&pid=562107
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=upOwROR6BxKp&ev=1&orig=trc&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Sun, 07 Feb 2021 09:27:50 GMT
server
nginx
x-fastly-to-nlb-rtt
1872

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=upOwROR6BxKp&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-64cc8d4c7f-knfmh
expires
-1
getuidnb
ib.adnxs.com/ Frame C923 		43 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Feb 2021 09:27:50 GMT
X-Proxy-Origin
185.212.171.75; 185.212.171.75; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.56:80
AN-X-Request-Uuid
26725516-018b-463e-8c9d-63504353184e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame C923
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBm-FxyyrIbWeXN72RotptI&google_cver=1
0
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBm-FxyyrIbWeXN72RotptI&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 07 Feb 2021 09:27:50 GMT
via
1.1 varnish
server
nginx
x-timer
S1612690071.712670,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19164-FRA

Redirect headers

pragma
no-cache
date
Sun, 07 Feb 2021 09:27:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBm-FxyyrIbWeXN72RotptI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C923 		42 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816:$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Sun, 07 Feb 2021 09:27:48 GMT
X-lat
Pug23050:0:264
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame C923
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&google_tc=
170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&google_tc=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Feb 2021 09:27:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Feb 2021 09:27:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
376
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame C923
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e70cf4eb-4e4b-4bbf-8e62-cc5ae104284b
0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e70cf4eb-4e4b-4bbf-8e62-cc5ae104284b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sun, 07 Feb 2021 09:27:50 GMT
via
1.1 varnish
server
nginx
x-timer
S1612690071.718234,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19164-FRA

Redirect headers

pragma
no-cache
date
Sun, 07 Feb 2021 09:27:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e70cf4eb-4e4b-4bbf-8e62-cc5ae104284b
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame C923
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Feb 2021 09:27:50 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 07 Feb 2021 09:27:50 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame C923 		49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-64cc8d4c7f-n8mgm
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame C923 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Feb 2021 09:27:50 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
dsp.adkernel.com/ Frame C923 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Feb 2021 09:27:50 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
put
e1.emxdgt.com/ Frame C923 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:50 GMT
content-length
43
x-nosync
emp
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame C923
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=b9fcec6d-8e16-4724-82db-da144cb5f21a
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=b9fcec6d-8e16-4724-82db-da144cb5f21a
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.175:10213
date
Sun, 07 Feb 2021 09:27:50 GMT
server
nginx
x-fastly-to-nlb-rtt
1874

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=b9fcec6d-8e16-4724-82db-da144cb5f21a
cache-control
no-cache
date
Sun, 07 Feb 2021 09:27:49 GMT
server-processing-duration-in-ticks
3053
content-type
text/html; charset=utf-8
content-length
222
expires
Sun, 07 Feb 2021 00:00:00 GMT
check
pixel.tapad.com/idsync/ex/push/ Frame C923
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOE2YxYC-Cjl5Ry4IQYLvrl8kTzDI9ZMFciPx5_Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOE2YxYC-Cjl5Ry4IQYLvrl8kTzDI9ZMFciPx5_Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=ae373852-6fcc-4852-aa92-a6c0df3c9451&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDuwZvl-4q7W-p9i3nQh-5M&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEDuwZvl-4q7W-p9i3nQh-...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1134878718735768552&opid=apx&ops=&utidl=tech:goo:CAESEDuwZvl-4q7W-p9i3nQh-5M&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A11151523259&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/4/4.gif?puid=beff360d2836f7fcc1291ff11341c167&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/3/5.gif?puid=dc67eb0c-39ee-46a7-8e79-993d557cb467&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
0
0
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame C923
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ZqcCvSvxC9-90UUyl7IfYA
0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ZqcCvSvxC9-90UUyl7IfYA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.175:10213
date
Sun, 07 Feb 2021 09:27:51 GMT
server
nginx
x-fastly-to-nlb-rtt
1883

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ZqcCvSvxC9-90UUyl7IfYA
date
Sun, 07 Feb 2021 09:27:51 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame C923 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Sun, 07 Feb 2021 09:27:46 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
/
cds.taboola.com/ Frame C923 		0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=60c1ca51-6d9d-4a2b-a987-c378e4b5fd29-tuct7193816&_r=3883585
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 07 Feb 2021 09:27:50 GMT
Cache-Control
no-store
Server
nginx
Connection
close
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame C923
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=b3e88cc3-8e89-42e3-9097-5a1ed0a8d16d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=b3e88cc3-8e89-42e3-9097-5a1ed0a8d16d
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b3e88cc3-8e89-42e3-9097-5a1ed0a8d16d
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b3e88cc3-8e89-42e3-9097-5a1ed0a8d16d
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.175:10213
date
Sun, 07 Feb 2021 09:27:51 GMT
server
nginx
x-fastly-to-nlb-rtt
1882

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b3e88cc3-8e89-42e3-9097-5a1ed0a8d16d
date
Sun, 07 Feb 2021 09:27:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
c5dbff36383f1689985bc66b6e47efad.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c5dbff36383f1689985bc66b6e47efad.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
427f217c0e0f0b380e15d885356bf1094bc47019563e66bf46454264a2c5cdb8

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 07 Feb 2021 09:27:50 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1040400
edge-cache-tag
322225708252158650412406976584958651105,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Mon, 22 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c5dbff36383f1689985bc66b6e47efad.jpg
content-length
14729
x-served-by
cache-dca17782-DCA, cache-dca17751-DCA, cache-hhn11539-HHN
last-modified
Fri, 22 Jan 2021 08:55:27 GMT
server
cloudinary
x-timer
S1612690071.848571,VS0,VE1
etag
"c7940c44aeb0f5ab620f6f011fd7f4ce"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
45281c6ebc417fd3ca6d296ade78aaf2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45281c6ebc417fd3ca6d296ade78aaf2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
5dd2c0a04b2cef04f0fcb4afc8778ebdb160dcd1c0595389b7649ffc69448f57

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 07 Feb 2021 09:27:50 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
4609001
edge-cache-tag
435820716379162251301853592062657318456,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Mon, 21 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45281c6ebc417fd3ca6d296ade78aaf2.png
content-length
10118
x-served-by
cache-dca17770-DCA, cache-dca17777-DCA, cache-hhn11539-HHN
last-modified
Fri, 20 Nov 2020 06:55:35 GMT
server
cloudinary
x-timer
S1612690071.848810,VS0,VE1
etag
"8349ce1d067190cb93f660cc3c9169e9"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
694767632__l11nh9S9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/694767632__l11nh9S9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
ef4de5e72046505e542d0768bac09497dcdfa21a3cff1c240376c770b01ebd09

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 07 Feb 2021 09:27:50 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
340756
edge-cache-tag
470447414922481702059871054848085765359,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Mon, 15 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/694767632__l11nh9S9.jpg
content-length
14213
x-served-by
cache-dca17761-DCA, cache-dca17756-DCA, cache-hhn11539-HHN
last-modified
Fri, 15 Jan 2021 12:10:03 GMT
server
cloudinary
x-timer
S1612690071.848783,VS0,VE1
etag
"84e2035ad54ffd89d33522ef698b575d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
7c6fb24b57f41d07652c857bc415a6b1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c6fb24b57f41d07652c857bc415a6b1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
5e6c7ddc165e33c75ffbf62c0f928bfbcfb33457a7e6303c2bc0a404d16f4afd

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 07 Feb 2021 09:27:50 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2817822
edge-cache-tag
448228625007427010084828234612577648355,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c6fb24b57f41d07652c857bc415a6b1.jpg
content-length
14814
x-request-id
0518ae9aba0557c08b822729451c0173
x-served-by
cache-dca17767-DCA, cache-dca17770-DCA, cache-hhn11539-HHN
last-modified
Wed, 23 Dec 2020 14:57:15 GMT
server
cloudinary
x-timer
S1612690071.864371,VS0,VE1
etag
"421e5ff7b3fcac25ff078382f33620d1"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
19826
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19164-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1612690071.608020,VS0,VE0
date
Sun, 07 Feb 2021 09:27:50 GMT
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
92
x-cache-hits
10574
c5dbff36383f1689985bc66b6e47efad.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c5dbff36383f1689985bc66b6e47efad.jpg
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
427f217c0e0f0b380e15d885356bf1094bc47019563e66bf46454264a2c5cdb8

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Feb 2021 09:27:50 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1040400
edge-cache-tag
322225708252158650412406976584958651105,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Mon, 22 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c5dbff36383f1689985bc66b6e47efad.jpg
content-length
14729
x-served-by
cache-dca17782-DCA, cache-dca17751-DCA, cache-hhn11539-HHN
last-modified
Fri, 22 Jan 2021 08:55:27 GMT
server
cloudinary
x-timer
S1612690071.875786,VS0,VE0
etag
"c7940c44aeb0f5ab620f6f011fd7f4ce"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
694767632__l11nh9S9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/694767632__l11nh9S9.jpg
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
ef4de5e72046505e542d0768bac09497dcdfa21a3cff1c240376c770b01ebd09

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Feb 2021 09:27:50 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
340756
edge-cache-tag
470447414922481702059871054848085765359,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Mon, 15 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/694767632__l11nh9S9.jpg
content-length
14213
x-served-by
cache-dca17761-DCA, cache-dca17756-DCA, cache-hhn11539-HHN
last-modified
Fri, 15 Jan 2021 12:10:03 GMT
server
cloudinary
x-timer
S1612690071.907138,VS0,VE0
etag
"84e2035ad54ffd89d33522ef698b575d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
45281c6ebc417fd3ca6d296ade78aaf2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45281c6ebc417fd3ca6d296ade78aaf2.png
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
5dd2c0a04b2cef04f0fcb4afc8778ebdb160dcd1c0595389b7649ffc69448f57

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Feb 2021 09:27:50 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
4609001
edge-cache-tag
435820716379162251301853592062657318456,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Mon, 21 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45281c6ebc417fd3ca6d296ade78aaf2.png
content-length
10118
x-served-by
cache-dca17770-DCA, cache-dca17777-DCA, cache-hhn11539-HHN
last-modified
Fri, 20 Nov 2020 06:55:35 GMT
server
cloudinary
x-timer
S1612690071.908227,VS0,VE0
etag
"8349ce1d067190cb93f660cc3c9169e9"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
7c6fb24b57f41d07652c857bc415a6b1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c6fb24b57f41d07652c857bc415a6b1.jpg
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
5e6c7ddc165e33c75ffbf62c0f928bfbcfb33457a7e6303c2bc0a404d16f4afd

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Feb 2021 09:27:50 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2817822
edge-cache-tag
448228625007427010084828234612577648355,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c6fb24b57f41d07652c857bc415a6b1.jpg
content-length
14814
x-request-id
0518ae9aba0557c08b822729451c0173
x-served-by
cache-dca17767-DCA, cache-dca17770-DCA, cache-hhn11539-HHN
last-modified
Wed, 23 Dec 2020 14:57:15 GMT
server
cloudinary
x-timer
S1612690071.917876,VS0,VE0
etag
"421e5ff7b3fcac25ff078382f33620d1"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012010270040000/ Frame 4967 		180 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
164330
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51478
x-xss-protection
0
server
sffe
date
Fri, 05 Feb 2021 11:49:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0305d7d21a7fe4a1"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Feb 2022 11:49:01 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4967 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
164352
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4850
x-xss-protection
0
server
sffe
date
Fri, 05 Feb 2021 11:48:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"77bd676d834aaa8d"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Feb 2022 11:48:39 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4967 		90 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
164359
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27668
x-xss-protection
0
server
sffe
date
Fri, 05 Feb 2021 11:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1304c1c0caf7ca3c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Feb 2022 11:48:32 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4967 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
164359
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1350
x-xss-protection
0
server
sffe
date
Fri, 05 Feb 2021 11:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"12c034eb739190af"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Feb 2022 11:48:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4967 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
162496
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13075
x-xss-protection
0
server
sffe
date
Fri, 05 Feb 2021 12:19:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e8a1dae72af56cd"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Feb 2022 12:19:35 GMT
truncated
/ Frame 4967 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0492f5696852a31a28cf93190f1f6d68620e65410d63436efff1625ce05d82b6

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
15442275016066752036
tpc.googlesyndication.com/simgad/ Frame 4967 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15442275016066752036
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89e98c78e5f6f22caf0cd50de5aec61335bff422f120373ff5b394ffd31d0a25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 12:00:23 GMT
x-content-type-options
nosniff
age
422848
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39200
x-xss-protection
0
last-modified
Tue, 25 Aug 2020 11:20:48 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Feb 2022 12:00:23 GMT
de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4967 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/de.png
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Feb 2021 09:22:27 GMT
x-content-type-options
nosniff
server
cafe
age
324
etag
6601037253665971276
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2958
x-xss-protection
0
expires
Mon, 08 Feb 2021 09:22:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4967 		295 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Feb 2021 16:21:27 GMT
x-content-type-options
nosniff
server
cafe
age
61584
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 07 Feb 2021 16:21:27 GMT
l
www.google.com/ads/measurement/ Frame 4967 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTBv9MP9ZsoVE7dEso90aBJtt0-xasIxAQ8-w2Dj-IbqCdKlX0rlPcYU_v3fo7x6ZX-gn2
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 4967 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5VhUlrIfYJGrHcKAjuwP-tyf6AXU94LEYKnWsJSaDL_oor3AARABIL-qxQhgkYSThfwXoAH7lLHtA8gBA6kCBuv2zag2tD7gAgCoAwHIAwiqBM0BT9D7Xg_ZwUukzHd6ClVIWgqZi_pEHk97uC-9PYIhHgpd-_YAq0Bq1oSEFzFocl-GYw7ZUHJvlW1hUnlfLmElbDKiYVOw2Ca6STC3QfZyj2IkoJ4zjmUNC1bb5PYKPyZTwsaCYDqOL6-Lafe5xl_ijqYc-Q-DlEeGiDEMYf_HrfTaKC522oTrcVNwW0cORut4aUiXs8LklhWQXefovcy9dNvxsVc8SeMyeMC7DWMK57Tzv48jv_1pcADZ3nHp9JyUdQC8u1jglrWQm_rtxcAEtfra-78C4AQBkgUECAQYAZIFBAgFGASgBgOAB-3qzhKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQn8MJ0ggJCIDhgFAQARgdgAoByAsB2BMNshcaChgIABIUcHViLTI1ODE3MjI3MjY5NzI3MTI&sigh=VYmFBPdOnSc&tpd=AGWhJmtaaXpPmMCKsc8WPBzLliXw2vshHvd6lXRHPwzQKKs5jA
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=2050672389862766&r=728x90&w=728&h=90&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Feb 2021 09:27:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6e83410fdc7791b7bc4029de1bec63cc.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 3D02 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://6e83410fdc7791b7bc4029de1bec63cc.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6e83410fdc7791b7bc4029de1bec63cc.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newstral.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newstral.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sun, 07 Feb 2021 09:27:50 GMT
expires
Mon, 07 Feb 2022 09:27:50 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
6e83410fdc7791b7bc4029de1bec63cc.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame DD90 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://6e83410fdc7791b7bc4029de1bec63cc.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6e83410fdc7791b7bc4029de1bec63cc.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newstral.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newstral.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sun, 07 Feb 2021 09:27:50 GMT
expires
Mon, 07 Feb 2022 09:27:50 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7745c31d889bee13c0417bc929a1ccc247651891f86dbac0ca823855495d16a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612389176576780"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28346
x-xss-protection
0
expires
Sun, 07 Feb 2021 09:27:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021020201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1802b4d339502a7c7ea57e3a514726e2b10cc43879cdab481ee803ec9be7e2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Feb 2021 09:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6791
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sun, 07 Feb 2021 09:27:51 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4967
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: newstral.com
URL: https://newstral.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Sun, 07 Feb 2021 09:27:51 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame DEA9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://newstral.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://newstral.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sat, 06 Feb 2021 21:24:31 GMT
expires
Sun, 06 Feb 2022 21:24:31 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
43400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bulk
trc.taboola.com/newstralcom-network/log/3/ 		0
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newstralcom-network/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210201-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Sun, 07 Feb 2021 09:27:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1612690072.593679,VS0,VE9
x-served-by
cache-fra19164-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://newstral.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/newstralcom-network/log/3/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newstralcom-network/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210201-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
21
pragma
no-cache
date
Sun, 07 Feb 2021 09:27:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1612690072.595441,VS0,VE21
x-served-by
cache-fra19164-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://newstral.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021020201&jk=2050672389862766&bg=!HB-lH1zNAAWnsTPUpzsAKQB2-Dxam9T9jmjtrbE850P6HT3lGkY6N6poqDuqvLvR4yl2LfdOVrJFAgAAAIVSAAAAIWgBBwoAjdMZKtykKkfBMavVR8WnsBQUAwm9WOM1RB83ry2cZpO5dkvq9v7eL8IVBDprbS658VaVA2hByRpLuIUcfhsqq-tbyuYgZTEab4HBGDDIuSIneMyOYS2nVVqx_AyuulvXihIGs6PNosGIRTm0emz2Suz5AtqYvUSuep-Yr07vVJgI9rdrrk8ACcq19kNR0ZkBydGSpP1PaW9ssy9tPP-k_cGf-S7uUM5Wtl5w5q-_VNQnq3fh3J53Nq8CGZwjgZQX_3_MH6NwEB4AvzWPPjqpxttBEN6JqNAfeb9kC9iuB1UEtvLR4c6elYWGTkPqvSCkwfcw96jyqTExW69UuFwcKY7ZWykFJngcUlP2n_AIEAsF2JajTCG_yxDnO6ft89Au6RL5IH0mewFplid4KwhrnIqEQ-tqf0V90Q_LcYruGojwrfBAQ63KNh8woN0OW_s4C4QWZRGtM3UhkclfTz6vIl9hnTrRBqQm-hisja-NG5ytwrPIia3fUsKZAKksNNA60oc-rpCYP4wce6zgEV-tUcLlzvG-kDszxeSkXVxLJS9T7IDWv2_MxY05ZCb0a-HHNMTfpcvN8u2lrsgqRHyNMUhQOXsxdSEGGlDt2Xn25Mk135XmfsQU-u556kw1Dg47tcEe0u4lAayiZjZSg-fbnf8oDAmf-cYeN35pCrxcJ2m-yGUzgvVyRm-Or2Ju_7d5DMGaQIXpWbG6r62a5zgDEAeW66uSYlZPKKnnvT8utzSflKmtKrQjrxiZIMlqjmnk16KkvfQSRu3RvpVvnyb4_qeOFpOIxCg9IDM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Feb 2021 09:27:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4967 		42 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpVZSgigQ8BsbK7E4jaaJTJyhnuIE26zNvtZU6h2R5UIz39GvUkToRL9VzPOC4jhuR4cWgd_NNmBgGVZUwjiZ-HEGMLsTkuvpcDDlE_8Yjh4SSSRPmJdnQx5cx6w&sai=AMfl-YSRN-KW7BmOnMqHcgjHzutrJuAHh0g_oXDA9GYhUI--Uj-Imy8SBJ-UFRqCsUSdBL8e9MKgZZUJHKGiT-hj-t1pQHRITqHAJmTKJCYvv-FuMRLXT93bMfeq5IEZgR4&sig=Cg0ArKJSzPOl5-R5PM-GEAE&cid=CAASPeRoe0NdhaA888JBQXtQtOHR0tTLOz_VXZ1tAjDWNnZq8yj8z9Qk_yV2kv4DxOhAGX7BWJOjNEA_wW2XSpw&id=ampim&o=261,28&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=165&tls=1165&g=100&h=100&tt=1166&r=v&avms=ampa&adk=4171062558
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Feb 2021 09:27:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5ae5ee799e
bam-cell.nr-data.net/events/1/ 		24 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/5ae5ee799e?a=2167107&v=1198.fe6ec20&to=dwxbQEBdD19XE04VUVgAWllXHRNBVxISPUZRFVxRRQ%3D%3D&rst=11042&ck=1&ref=https://newstral.com/
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1198.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://newstral.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 07 Feb 2021 09:28:00 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://newstral.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-Ray
61dc140b2aa50c79-AMS
Content-Length
24
cf-request-id
081d6adaf900000c7912a7c000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
widgets.twimg.com
URL
https://widgets.twimg.com/j/2/widget.js
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| _taboola function| $ function| jQuery function| DP_jQuery_1612690070036 object| regexp object| Newstral object| _gaq string| pluginUrl object| bootbox object| jQuery172026226343907507643 function| AbstractChosen function| SelectParser object| html5 object| Modernizr function| yepnope object| L object| googletag object| uvOptions object| TRC object| _tblConsole undefined| msg object| _gat object| UserVoice object| __kombuchas function| __uvSessionData0 object| ggeac object| google_js_reporting_queue object| e function| f object| gaGlobal function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| placementData object| google_image_requests object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

8 Cookies

Domain/Path Name / Value
.newstral.com/ Name: __utmb
Value: 264669456.3.8.1612690070
.newstral.com/ Name: this_visit
Value: 2021-02-07+10%3A27%3A49+%2B0100
.newstral.com/ Name: __utmc
Value: 264669456
.newstral.com/ Name: __utmt
Value: 1
.newstral.com/ Name: __utma
Value: 264669456.1579545961.1612690070.1612690070.1612690070.1
.newstral.com/ Name: _newstral_session
Value: ejRDMkhqVzN4T1JGK2Jvekg3aWUwL0dia3NBWGhzYVZCUUQvSUlTa2VEOFhWM1MwK05nNUg0Tm52eXM5Y1IxaFdxMCsyMFBqcy8wMFBFbUxSZ2hoTzhCT1V1OVA4bW9uNjNZT2RqZTVYZk4yU3h6aEFhaHhCeEVYd0p4K2RVNTdoZUZ0c0g5UmNMWlJKV2FKbVpkUFVLdWkzNFBRSThGWll1SC9WWEQ1UDBzRjk2VUkzUG9maW00TmpJWEFxbHNObG9wN2Y0SmdaV08rUytUSC8yNSt2SVdPcUZGdFJ6VFFlSk5WNjA2aVRQVT0tLWx1eUJKZStBNmVDdXdFVmkwdWZQZ2c9PQ%3D%3D--086279cedb4599389142e276f75fdeadb90ab943
.newstral.com/ Name: __utmz
Value: 264669456.1612690070.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.newstral.com/ Name: wildcard_guest
Value: BAhsKwe9OxBG--3931ab797370e4eeed7cc10a4363c33d2956500b

3 Console Messages

Source Level URL
Text
console-api log URL: https://newstral.com/(Line 51)
Message:
no cookie
console-api log URL: https://newstral.com/assets/application_desktop_web-049f2b6d27aacbbcde1d18c6a93f5570018f478998a217523f304a1e31cc490f.js(Line 307)
Message:
add taboola sky
console-api info URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9)
Message:
Powered by AMP ⚡ HTML – Version 2010270040000 https://newstral.com/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6e83410fdc7791b7bc4029de1bec63cc.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bam-cell.nr-data.net
bh.contextweb.com
bttrack.com
by2.uservoice.com
cdn.ampproject.org
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
dis.criteo.com
dsp.adkernel.com
e1.emxdgt.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
images.taboola.com
js-agent.newrelic.com
match.adsrvr.org
match.taboola.com
newstral.com
newstral.de
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.taboola.com
tpc.googlesyndication.com
trc.taboola.com
u.ipw.metadsp.co.uk
widget.uservoice.com
widgets.twimg.com
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
pixel.tapad.com
widgets.twimg.com
138.201.137.196
141.226.224.32
141.226.228.48
142.250.185.194
142.250.186.34
151.101.13.44
151.101.14.110
162.247.243.147
172.104.64.149
174.137.133.49
178.250.2.151
18.158.93.70
18.195.155.181
185.33.221.90
185.64.190.80
185.86.139.113
192.132.33.46
198.148.27.139
199.232.137.44
216.52.2.39
2606:4700::6811:1f5c
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:400c:c00::9a
2a00:1450:400c:c00::9b
35.157.13.124
35.210.239.72
54.228.114.223
69.173.144.138
005705f46afd95fa9d1c7ec5e965bfdbae2d36f3fdded0286fa9728b6ab76e07
0060feaf2ce46b637773d552d76e49dc7316889e303a1b802b40fa7f2828d9ad
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0492f5696852a31a28cf93190f1f6d68620e65410d63436efff1625ce05d82b6
049f2b6d27aacbbcde1d18c6a93f5570018f478998a217523f304a1e31cc490f
0683f27c0749c374c50308408bd1ac23c9d23031ef6a1090fc9a1156983a09e3
0944b9477df8a1490559edbdbe2471b00c46a6aea636375741b29300a719d655
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ca12fe083d6e9ac3432b0e05680d5c8fbfa0d0814f861bcf90dee5b9bad3853
15c6d92851a3493d2346a3c93c7f8a2c62c04a3531dfdf2aed81055f0c261a3c
17d772158edf5224b3bf68b80a3af5d81eae0b15f2e5020d5f1beffa126cc5d3
1802b4d339502a7c7ea57e3a514726e2b10cc43879cdab481ee803ec9be7e2ff
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
1b1668ce69dfbad0061c6a679474c5e5f60b76aa219d51efc7d6d28097094c4e
1ec9785808a9fa83fdeb0f05acb6886bf97adc60b80406fd4a61211dd01e1af7
226b92672385808d3de1d634ad30806fef7cc28d0394940eb4afa5a209ab0b5a
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6
3f5bb95acb874540892e54308a57b742c972dd7208d2cfd36b78b24304414b17
427f217c0e0f0b380e15d885356bf1094bc47019563e66bf46454264a2c5cdb8
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
488cac4f6ae3ffb05a7d88faeeba725526e1add78089d5a292fae1fd3db24718
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5030cc991a2d5db19484dee64829fa74ee064ee7cb122225bea642aa54c065ce
5cb9fb31ab9fcb55ddc4b0df7164828ac9b37c6d41a545d48b2c831db99b1451
5dd2c0a04b2cef04f0fcb4afc8778ebdb160dcd1c0595389b7649ffc69448f57
5e6c7ddc165e33c75ffbf62c0f928bfbcfb33457a7e6303c2bc0a404d16f4afd
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6371cecfe9bee7ec1e9d9b310168532f1ba0fbf3a8dbe0a52b972577d8e662bd
672150d1240a9fbb8eb85df57d7290720fdc311e2464a6531fa955e23fac8056
69a9d4fb40dbea08b6d0352dc9e50fcde28e4918cb9d181987929a29e68ca37b
6a07c99c3a37483d639d887bd003af4e623fe9edd09b36758e30da374225aba0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7745c31d889bee13c0417bc929a1ccc247651891f86dbac0ca823855495d16a4
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c87b0d5959419a7d9a1924b0307766d9423dd62d450b356a29a0040bcda58e
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
84a8cde007334ea98b516068a756d6c9cfeec05f416337924184a92bc10cdc9e
89e98c78e5f6f22caf0cd50de5aec61335bff422f120373ff5b394ffd31d0a25
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
989a73eb9e9faa5bcf87eb500ba218549b0b1ef37dc53d9ac948b33010bd78da
9b496f6af74a2f360ef712d02b63d29e20f2e3e1a5975004ead6a3674dfe457a
a05357b13e36ae360acfe4d84a2848eee119362ef123d50c1f5badc3e0d7e55f
a2252bdad795066b9fbeaa02ccec3a7352ffd19ffe77a3549a60188c921d13f5
a651f71bd5726b4375b164b3c09b0b87d26230468981d6d2511d8ff0ead2b063
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a8df692c8334a3b165e439b2da118dbffaa6f0f7f30c3fde9bbeacf9e8ed050a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b9c00a8a491ca69bf13b9a6aa459a7a35ce7c6c821f7a4204c4d4fab47a0407b
bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d
c241340d584d42ac2b4c0cacacece9a7ab52d62319362ef9dc457fe42c83b0db
c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed
c91e2af7df1a9d8a403108592949a68b78ccbb50c38561aeb4cd1d107ebed276
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e281c8b217c70047b73ba00f2c9f3885ea5ebc2025493f72ac6266df1c44b5d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4de5e72046505e542d0768bac09497dcdfa21a3cff1c240376c770b01ebd09
f3af0877f9e717544ecfa6d30db33401654224efe4053fe2df1512e2ed76c99a
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9