www.upmedia.mg Open in urlscan Pro
192.124.249.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.upmedia.mg/news_info.php?SerialNo=61811
Effective URL:
https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Submission: On February 07 via manual (February 7th 2022, 7:35:44 am UTC) from TW — Scanned from DE

Summary HTTP 360 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 75 IPs in 10 countries across 61 domains to perform 360 HTTP transactions. The main IP is 192.124.249.65, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is www.upmedia.mg. The Cisco Umbrella rank of the primary domain is 226925.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on May 11th 2021. Valid for: a year.

This is the only time www.upmedia.mg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 42	192.124.249.65 192.124.249.65	30148 (SUCURI-SEC) (SUCURI-SEC)
1	69.16.175.10 69.16.175.10	20446 (HIGHWINDS3) (HIGHWINDS3)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5 35	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.14 18.66.97.14	16509 (AMAZON-02) (AMAZON-02)
1 3	108.157.4.80 108.157.4.80	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:4a44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:223... 2600:9000:223f:400:3:7e1c:5b40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3)
8	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.99.94 13.32.99.94	16509 (AMAZON-02) (AMAZON-02)
1	54.213.59.33 54.213.59.33	16509 (AMAZON-02) (AMAZON-02)
1	35.186.245.165 35.186.245.165	15169 (GOOGLE) (GOOGLE)
2	34.96.95.4 34.96.95.4	15169 (GOOGLE) (GOOGLE)
1	34.107.213.174 34.107.213.174	15169 (GOOGLE) (GOOGLE)
1	35.190.46.27 35.190.46.27	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:3bf9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:10:... 2606:4700:10::6816:2a5e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::ac43:baa1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.214.49 52.222.214.49	16509 (AMAZON-02) (AMAZON-02)
3 8	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	108.128.127.158 108.128.127.158	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	2600:9000:225... 2600:9000:2251:1c00:d:3c0f:bcc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.107.231.31 34.107.231.31	15169 (GOOGLE) (GOOGLE)
1	130.211.115.4 130.211.115.4	15169 (GOOGLE) (GOOGLE)
12	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
20	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
9	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
2	54.76.155.32 54.76.155.32	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:8ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
8	54.174.237.181 54.174.237.181	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:225... 2600:9000:2251:6600:c:41fa:6240:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	13.76.34.51 13.76.34.51	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	211.21.190.218 211.21.190.218	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.117.200.100 104.117.200.100	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	3.66.195.154 3.66.195.154	16509 (AMAZON-02) (AMAZON-02)
2 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
24	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:223... 2600:9000:223f:be00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 2	35.211.141.197 35.211.141.197	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.119.184.70 52.119.184.70	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.156.156.223 35.156.156.223	16509 (AMAZON-02) (AMAZON-02)
1	3.122.65.14 3.122.65.14	16509 (AMAZON-02) (AMAZON-02)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
2	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
4	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
1	52.76.199.242 52.76.199.242	16509 (AMAZON-02) (AMAZON-02)
2	18.66.97.9 18.66.97.9	16509 (AMAZON-02) (AMAZON-02)
4	54.72.0.164 54.72.0.164	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
360	75

42 192.124.249.65 (Menifee, United States) 1 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10065.sucuri.net

www.upmedia.mg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net

rtbcdn.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 142.250.186.34 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-14.fra56.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.80 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-80.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:4a44 (United States)

ASN13335 (CLOUDFLARENET, US)

api.pvmax.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:400:3:7e1c:5b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net

rtbpass-us.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-94.fra60.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.213.59.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-59-33.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.245.165 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 165.245.186.35.bc.googleusercontent.com

pvmax.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.95.4 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 4.95.96.34.bc.googleusercontent.com

auto-load-balancer.likr.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.213.174 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 174.213.107.34.bc.googleusercontent.com

elephant.likr.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.46.27 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 27.46.190.35.bc.googleusercontent.com

load-balancer.likr.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:3bf9 (United States)

ASN13335 (CLOUDFLARENET, US)

rhea-cache.advividnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sun.advividnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:2a5e (United States)

ASN13335 (CLOUDFLARENET, US)

avivid.likr.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avividone.likr.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:baa1 (United States)

ASN13335 (CLOUDFLARENET, US)

code.jguery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-49.fra56.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 3 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.127.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-127-158.eu-west-1.compute.amazonaws.com

global.cloud.netacuity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:1c00:d:3c0f:bcc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.231.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 31.231.107.34.bc.googleusercontent.com

p.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.155.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:8ee (United States)

ASN13335 (CLOUDFLARENET, US)

tenmax-static.cacafly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.174.237.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-237-181.compute-1.amazonaws.com

p.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:6600:c:41fa:6240:93a1 (United States)

ASN16509 (AMAZON-02, US)

vid597.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.76.34.51 (Singapore, Singapore) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dmp.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 211.21.190.218 (Hsinchu, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 211-21-190-218.hinet-ip.hinet.net

ssp.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.66.195.154 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-195-154.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:c05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:be00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.141.197 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 197.141.211.35.bc.googleusercontent.com

m.fg8dgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.119.184.70 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)

firehose.ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.156.223 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-156-223.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.65.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-65-14.eu-central-1.compute.amazonaws.com

ads-eu.v.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.76.199.242 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-199-242.ap-southeast-1.compute.amazonaws.com

prebid.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-9.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.72.0.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	upmedia.mg 1 redirects www.upmedia.mg — Cisco Umbrella Rank: 226925	3 MB
40	gstatic.com fonts.gstatic.com www.gstatic.com	2 MB
39	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 pubads.g.doubleclick.net — Cisco Umbrella Rank: 462	283 KB
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124	299 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 2190 ad4m.at — Cisco Umbrella Rank: 1809 assets.ad4m.at — Cisco Umbrella Rank: 34120	1 MB
21	adform.net track.adform.net — Cisco Umbrella Rank: 3933 s1.adform.net — Cisco Umbrella Rank: 7975	361 KB
13	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
11	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 639	900 KB
11	trvdp.com go.trvdp.com — Cisco Umbrella Rank: 55314 s.trvdp.com — Cisco Umbrella Rank: 55604 p.trvdp.com — Cisco Umbrella Rank: 48944 vid597.trvdp.com — Cisco Umbrella Rank: 349739	215 KB
10	tenmax.io 2 redirects pvmax.tenmax.io — Cisco Umbrella Rank: 278342 dmp.tenmax.io — Cisco Umbrella Rank: 105921 ssp.tenmax.io — Cisco Umbrella Rank: 114593	13 KB
8	facebook.com 3 redirects www.facebook.com — Cisco Umbrella Rank: 98	44 KB
7	likr.tw avivid.likr.tw — Cisco Umbrella Rank: 55207 avividone.likr.tw — Cisco Umbrella Rank: 77874	103 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19799 api.webgains.io — Cisco Umbrella Rank: 60455	102 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	214 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 324	111 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095 eus.rubiconproject.com — Cisco Umbrella Rank: 541 token.rubiconproject.com — Cisco Umbrella Rank: 689 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1135	11 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 8028	1 KB
4	webgains.com track.webgains.com — Cisco Umbrella Rank: 44883	175 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 808 s.tribalfusion.com — Cisco Umbrella Rank: 2305	2 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 113556 static-de.ad4mat.net — Cisco Umbrella Rank: 151438	8 KB
4	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 283 ads-eu.v.ssp.yahoo.com — Cisco Umbrella Rank: 39102	1 KB
4	advertising.com 4 redirects pixel.advertising.com — Cisco Umbrella Rank: 327 ads.adaptv.advertising.com — Cisco Umbrella Rank: 1127	2 KB
4	advividnetwork.com rhea-cache.advividnetwork.com — Cisco Umbrella Rank: 75267 sun.advividnetwork.com — Cisco Umbrella Rank: 67245	10 KB
4	likr.com.tw auto-load-balancer.likr.com.tw — Cisco Umbrella Rank: 115382 elephant.likr.com.tw — Cisco Umbrella Rank: 56716 load-balancer.likr.com.tw — Cisco Umbrella Rank: 38329	3 KB
4	pvmax.net api.pvmax.net — Cisco Umbrella Rank: 261986	29 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	2 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	17 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 592 syndication.twitter.com — Cisco Umbrella Rank: 844	133 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	133 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 138	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
3	andbeyond.media rtbcdn.andbeyond.media — Cisco Umbrella Rank: 29376 rtbpass-us.andbeyond.media — Cisco Umbrella Rank: 26573 prebid.andbeyond.media — Cisco Umbrella Rank: 30416	139 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 14385	1 KB
2	media01.eu pb.media01.eu — Cisco Umbrella Rank: 46801	827 B
2	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 48812	1 KB
2	amazonaws.com firehose.ap-southeast-1.amazonaws.com — Cisco Umbrella Rank: 43840	752 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 595	1 KB
2	fg8dgt.com 2 redirects m.fg8dgt.com — Cisco Umbrella Rank: 5275	769 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 770 r.turn.com — Cisco Umbrella Rank: 3243	869 B
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 418	320 KB
2	cacafly.net tenmax-static.cacafly.net — Cisco Umbrella Rank: 103681	74 KB
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 408	675 B
2	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 47368	9 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 92	49 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	82 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	83 KB
2	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 6427 certify.alexametrics.com — Cisco Umbrella Rank: 3682	3 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 71	297 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 707	442 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 19998	522 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751	584 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1255	464 B
1	openx.net jp-u.openx.net — Cisco Umbrella Rank: 9444	177 B
1	ad-score.com data.ad-score.com — Cisco Umbrella Rank: 6597	719 B
1	adlooxtracking.com p.adlooxtracking.com — Cisco Umbrella Rank: 17343	4 KB
1	netacuity.com global.cloud.netacuity.com — Cisco Umbrella Rank: 18991	717 B
1	jguery.com code.jguery.com — Cisco Umbrella Rank: 40009	34 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	415 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 584	30 KB
0	netmng.com Failed google2waycm.netmng.com Failed
360	61

	Domain	Requested by
42	www.upmedia.mg	1 redirects www.upmedia.mg
39	fonts.gstatic.com	www.upmedia.mg
21	securepubads.g.doubleclick.net	2 redirects www.upmedia.mg www.googletagservices.com securepubads.g.doubleclick.net
20	tpc.googlesyndication.com	889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com www.upmedia.mg securepubads.g.doubleclick.net tpc.googlesyndication.com
12	assets.ad4m.at	as.ad4m.at
12	track.adform.net	889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com s1.adform.net www.upmedia.mg
11	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
11	cm.g.doubleclick.net	3 redirects 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com www.upmedia.mg
11	pagead2.googlesyndication.com	www.upmedia.mg pagead2.googlesyndication.com srcdoc 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
9	s1.adform.net	track.adform.net s1.adform.net 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com www.upmedia.mg
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com www.upmedia.mg as.ad4m.at ad4m.at
8	p.trvdp.com	www.upmedia.mg
8	www.google.com	1 redirects 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com www.upmedia.mg tpc.googlesyndication.com
8	www.facebook.com	3 redirects www.upmedia.mg connect.facebook.net
6	ssp.tenmax.io	tenmax-static.cacafly.net
6	889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	avivid.likr.tw	www.upmedia.mg code.jquery.com
6	www.googletagservices.com	www.upmedia.mg 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
5	adservice.google.de	securepubads.g.doubleclick.net imasdk.googleapis.com
4	api.webgains.io	analytics.webgains.io
4	track.webgains.com	as.ad4m.at
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.upmedia.mg
4	api.pvmax.net	www.upmedia.mg api.pvmax.net
3	x.bidswitch.net	3 redirects
3	s0.2mdn.net	imasdk.googleapis.com 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
3	ups.analytics.yahoo.com	2 redirects www.upmedia.mg
3	pixel.advertising.com	3 redirects
3	dmp.tenmax.io	2 redirects www.upmedia.mg
3	www.googletagmanager.com	www.upmedia.mg
3	sb.scorecardresearch.com	1 redirects www.upmedia.mg
3	www.google-analytics.com	www.upmedia.mg www.google-analytics.com
2	analytics.webgains.io	track.webgains.com
2	www.awin1.com	as.ad4m.at
2	pb.media01.eu	as.ad4m.at
2	pv.medialead.de	2 redirects
2	firehose.ap-southeast-1.amazonaws.com	avivid.likr.tw
2	pubads.g.doubleclick.net	imasdk.googleapis.com
2	static-de.ad4mat.net	as.ad4m.at
2	image6.pubmatic.com	2 redirects
2	m.fg8dgt.com	2 redirects
2	s.tribalfusion.com	www.upmedia.mg
2	a.tribalfusion.com	2 redirects
2	prod-rtb.ad4mat.net	www.upmedia.mg
2	eus.rubiconproject.com	s.trvdp.com eus.rubiconproject.com
2	imasdk.googleapis.com	s.trvdp.com imasdk.googleapis.com
2	tenmax-static.cacafly.net	api.pvmax.net
2	beacon.krxd.net	889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
2	sun.advividnetwork.com	www.upmedia.mg
2	stg.truvidplayer.com	go.trvdp.com s.trvdp.com
2	www.youtube.com	www.upmedia.mg www.youtube.com
2	rhea-cache.advividnetwork.com	www.upmedia.mg
2	auto-load-balancer.likr.com.tw	www.upmedia.mg
2	platform.twitter.com	www.upmedia.mg platform.twitter.com
2	cdnjs.cloudflare.com	www.upmedia.mg cdnjs.cloudflare.com
2	connect.facebook.net	www.upmedia.mg connect.facebook.net
1	lh3.googleusercontent.com	www.upmedia.mg
1	prebid.andbeyond.media	rtbcdn.andbeyond.media
1	ads-eu.v.ssp.yahoo.com	www.upmedia.mg
1	ads.adaptv.advertising.com	1 redirects
1	r.turn.com	889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	www.gstatic.com	www.upmedia.mg
1	avividone.likr.tw	www.upmedia.mg
1	secure-assets.rubiconproject.com	1 redirects
1	vid597.trvdp.com	www.upmedia.mg
1	jp-u.openx.net	889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
1	data.ad-score.com	s.trvdp.com
1	p.adlooxtracking.com	rtbcdn.andbeyond.media
1	s.trvdp.com	go.trvdp.com
1	syndication.twitter.com	platform.twitter.com
1	global.cloud.netacuity.com	rtbcdn.andbeyond.media
1	code.jguery.com	www.upmedia.mg
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	load-balancer.likr.com.tw	www.upmedia.mg
1	elephant.likr.com.tw	www.upmedia.mg
1	pvmax.tenmax.io	api.pvmax.net
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.upmedia.mg
1	certify.alexametrics.com	www.upmedia.mg
1	rtbpass-us.andbeyond.media	rtbcdn.andbeyond.media
1	code.jquery.com	rtbcdn.andbeyond.media
1	go.trvdp.com	www.upmedia.mg
1	certify-js.alexametrics.com	www.upmedia.mg
1	rtbcdn.andbeyond.media	www.upmedia.mg
0	google2waycm.netmng.com Failed	889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
360	94

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
line.naver.jp
www.linkedin.com
zh.wikipedia.org
www.truvid.com
pvmax.tenmax.io
www.google.com.tw
t.me

Subject Issuer	Validity	Valid
upmedia.mg Starfield Secure Certificate Authority - G2	`2021-05-11` - `2022-05-11`	a year	crt.sh
*.andbeyond.media Starfield Secure Certificate Authority - G2	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-16` - `2022-02-14`	3 months	crt.sh
*.trvdp.com Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
*.tenmax.io Gandi Standard SSL CA 2	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.likr.com.tw TWCA Secure SSL Certification Authority	`2021-06-07` - `2022-06-05`	a year	crt.sh
*.advividnetwork.com TWCA Secure SSL Certification Authority	`2021-05-28` - `2022-06-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.truvidplayer.com Amazon	`2022-02-07` - `2023-03-07`	a year	crt.sh
*.cloud.netacuity.com Amazon	`2021-04-11` - `2022-05-10`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
p.adlooxtracking.com GTS CA 1D4	`2021-12-18` - `2022-03-18`	3 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2021-09-02` - `2022-10-04`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-12-21` - `2022-03-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
firehose.ap-southeast-1.amazonaws.com Amazon	`2021-08-10` - `2022-07-11`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh

This page contains 37 frames:

Primary Page: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Frame ID: A65A6E85DD3CBFD64901A790EF7EB446
Requests: 183 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/zrt_lookup.html
Frame ID: BDA183212A9E3D25CA9775F7D189A550
Requests: 1 HTTP requests in this frame

Frame: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Frame ID: ADCF3178316B16585BE6CD8CEB879EEA
Requests: 1 HTTP requests in this frame

Frame: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Frame ID: E85BD07F9A8F69D73F6AE89CDC03988F
Requests: 1 HTTP requests in this frame

Frame: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AF7FD237B07ABA36D65C71418F0965D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1320194567067211&output=html&adk=1812271804&adf=3025194257&lmt=1644219336&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644219335653&bpp=3&bdt=280&idt=330&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5015580947375&frm=20&pv=2&ga_vid=501655294.1644219336&ga_sid=1644219336&ga_hid=660759529&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31063221%2C31064019%2C31062930&oid=2&pvsid=2835779083117571&pem=763&tmod=1252032085&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=355
Frame ID: C504AD7BE71A13970E7BBB890E6CB804
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fwww.upmedia.mg
Frame ID: 68FC21200F5356DE761CEE1CA12203E0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1320194567067211&output=html&h=90&slotname=8672267488&adk=1876719416&adf=2610707424&pi=t.ma~as.8672267488&w=970&lmt=1644219336&rafmt=12&psa=0&format=970x90&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644219335656&bpp=1&bdt=283&idt=430&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5015580947375&frm=20&pv=1&ga_vid=501655294.1644219336&ga_sid=1644219336&ga_hid=660759529&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31063221%2C31064019%2C31062930&oid=2&pvsid=2835779083117571&pem=763&tmod=1252032085&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gA72WSKE5X&p=https%3A//www.upmedia.mg&dtd=436
Frame ID: B2BF766DE769DF70FB04395B79414144
Requests: 1 HTTP requests in this frame

Frame: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=f1752af4-fe76-45b4-97c6-f667e0664517
Frame ID: 0540579E1E1EE0AE39A39CC18E6A24A6
Requests: 1 HTTP requests in this frame

Frame: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=f1752af4-fe76-45b4-97c6-f667e0664517
Frame ID: DBEA558623E830C3E8292459DB657366
Requests: 1 HTTP requests in this frame

Frame: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B601D2DA8913D0E3D05B179D4343C314
Requests: 16 HTTP requests in this frame

Frame: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9B59DE1ED4A2E55B675D37198FB6E184
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdLhMyMsAYvXSG86AjuwP0eKs8ALovpiUXKCls8n9CMCNtwEQASAAYJWakoKgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQK_bdhkoqOEPuACAKgDAaoEqQJP0BaSVqvtI-cSWAAuuI2Roc6fzMVMPGy1A60MOJkqdUxbI-sCw1azacRWN5IauvPPhWlWz3J9lJ2d9cnrS5UioxXU6uRcSAAWUDYV4LbAh-rGaVYwqli-A-arjtvV5fvIVfmxjFIL5Pr15NqtAB7Ct0QED8Kdzqy78BAedM4gwQTKjzNCh03bdYyLYaNtQ6W6_y049f0ghtFV-NazBpYe-9kIqsHDeZyjPSztJ-UyHAr2y0m7TckcbPkvmOvFutWASNIpMa-LC3MVRMAVauiFWM0sN2omLEK1NB9M6JB7bgPkdQ2zDI_FlIp7-F1O2byD7c7HNbwBCIf39SEQZacehil6yDewh7H6KuPGAh6oXp-r6N_K9Ku49vN91JXVUOgAuoqibaqp5ergBAGABuejyt-_4rO_lAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMzEwODUyNjA0MzM1MjU0GK7fbw&sigh=PRspBD7H5tA&uach_m=[UACH]&cid=CAQSPwCNIrLMcHOJRu-DVJhYZIuRw7ySjThuqWtojHHjEIe11gKndapW89wUvJmvCNme5xL53PrbHYYOyaxB1E7xZRgB
Frame ID: 0A590151B26CBBE0434FC22248BDE8A4
Requests: 14 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Frame ID: DB05A195A7A96B18CA22A66BB9E1E11D
Requests: 1 HTTP requests in this frame

Frame: https://api.pvmax.net/popup/popup-en.html?cacheBuster=1644219336792
Frame ID: 07E7130C8F515DA4CC6539A2B167D942
Requests: 2 HTTP requests in this frame

Frame: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6085EA6BC5822186AFDD79993FE35870
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Frame ID: 423F800C6189C007E7972FBB652984C4
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 39F8050187D022DA74EA04366D8A1535
Requests: 3 HTTP requests in this frame

Frame: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25EF0EB2089E8112226E150D3105CCDB
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CA_QFyMsAYpTEKLeHjuwPx4Kw0AzP2bWTXMz677m0CcCNtwEQASAAYJWakoKgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQK_bdhkoqOEPuACAKgDAaoEqAJP0BWINw9qni3xXoA6lQFXXwcrXEnYiKEeBJMg9SWJOhYSEQGXUaLxqcfXJuvmTec4NBgbQcjDZI7D8SwqWhWPGGL0VXQV_Xv0QuqD25l5GpkaGM7DJ836jpJHnhYFGG8wh79x0YCP2TB8oqRmlx0zZaw6XQfOZ_W9TIlj0zMJF9ew6-BoRFReJoqKsQrziTQgJMdj3l0-lSXU0gJ51gRVImMsDkl7E-qwQbl0EKH5ffhmAcgQJ1RX_LNgaE-gDD0cjQursxBfW3Foc9sm2BDf-8GVgvAAcnNtGC7iFsZdu0cbZIDyQ8MjcrJDNSCavyHyt5_piypgryFpHnyN6RwZaMSBAk06tthZ9G0YWH2I_1jg3q9IFXHhTY8tSZgnMm2ujne9I8OPuOAEAYAGldXKneS_l6vmAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEzMTA4NTI2MDQzMzUyNTQYrt9v&sigh=M_2vASgw0zM&uach_m=[UACH]&cid=CAQSPgCNIrLMe88ci-i0GZmgGWsDqdfgaI3fmb75BWJtCicrc4QWTbywiY7S1S4dBmYY4I4CmuKgo8ss4QEFHi9xGAE
Frame ID: 78305EE790CB0BB7CB5CD540693DEA8C
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5482B6939CD2543A77C856AE6B628A78
Requests: 1 HTTP requests in this frame

Frame: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 123652E68741858B4834DDA96803224C
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jt0n16w93wybd7k2kezeeky5bzfhnxxy2mfwgk9xtg7s7gkx1k7t97shsf05fffzmtj4j70tz1vt1k3570tajdmegrcxhnck2fayrkvv3qc2py6q0tygf2eym5apt7bqgzwbfcr27qc32jxx2c2z0fy7phk8epkbk1ssbrw8m0h9pp80njn7p6j3cfj8d3as5a9pah7b062d44c3g8w8f3ja01bzea3qve5fvzcz4t8ahszh0k3ndcwehmrzcwndmjtvcy0h8zgmf0680ayjwmyp6ax1dnzeb4dbe3rhmq73awtx7k2ys9z2rqzegzyd5193gv2qqanzq96d06bz7d9578dp0pek0mmg74es2g6xdcc9r162dgrdy8erj08f8je6ebcv866q9qc7yrhtqah8yqk7chxa1q7f6epz3r85smczajw94setdq56zx0g3e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%26client%3Dca-pub-1310852604335254%26adurl%3D
Frame ID: BD9B88745924AE09264390416807C49F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 90D3E63131743B942292F5235F244109
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEmaQycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSiAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1FBLolran_iwyvy16M7tLaVBYEsxH22qm2F-Z4OziJQ_nV7jzBli4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTMxMDg1MjYwNDMzNTI1NBiu328&sigh=Q2w510gEh10&uach_m=[UACH]&cid=CAQSPACNIrLMUSBOxjnEA2NONzS4C_auuWhvTKYmC6bWMgs8qdEMdgWmihR0VO2Qp1bKlkIul-yPM7YcnL9JYBgB
Frame ID: A87217AA49D1272AAC56EDA5A0EF2667
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jtv2ys8vmn3hkhm55348wddq7769pzhqxxcaea0vdpzjdcdsptm9ef73e9r5vvzw68rjhp592n44e56fepkmwwvkp5a2yrdvfhew9z3cbdj50w7zk8sqhgtbp4pawkjhfh2sxt0nh91f71v12esetvjcgvvnv09wrxpjq13b7ad2nz7yvqtc0ch8480t285wh58xpvfyqy8v2fnss2hcjc5ds7t6fz3dxeqh7etzwy1zawwdb5yv5xhyxt126x4rw41270pavtqy4t8es9jajjwb7shty4xqymjys9m4c3tz9nz5mzmsrgdk7zz3y3p0s14ktjqsrdz3f49yxperkd94a9ktf05s3eahy4vqtpka4ncqm8mgmevst763zj2xmkgd8af5mbq061j09bptc5wtmq4zpq834as32vwj7mg4x8dee6r5p0tr57z9pkdj040&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Frame ID: 9BC970F5A546DF2CF7BB340F2CA865DD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 834DCC98A15F7808875A09521BFC4889
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8AD18E337E5FEF4D6A0F2B73FF20F133
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5C36A2CAA34AA4B19EBBAA52262D348D
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=EqHinm5zKdG3ma7A1yVwsHQZe4d2jbmo&g=f1ceafe73b833a7269e711ebe4e3737d%2F2800782983793426027&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34srhn3mbd731mtcd1q1f5bdpj1zqes35zbj1h9n7krq8gnphymfr8gw4brvt497epyc58ht7c74bebrp38dqvjqahrwxhg3zvna8en30gp98f0cxc85fvaqyk1saa2p50em8wy88td5sjnzj9fg4khj0adc4zw26da7vzetg4615wb0gx1kccyzcj89d48jccpbmfz3jwcp3vmv9f52z94zefjq8pgvs052mhj6q5bv0dvvp02wd14ag96018vdvgwex4bm164s4pqs6egt6n%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Frame ID: 6D067425AF29E9DF3C64985C16D77778
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=120&d=600&e=F9SIIBsUtV1cES_dGQedjRwL_dWotX5h&g=6e7ba19df44172886016f50f592e1c41%2F10111569030503391235&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j3vtzmssdbcrnga9td2ek7nnthf24mqx57p010ftag2st1ea8gn4xeggzg33qqwqtyae0gcg3rk57qg4awgjsfnqb3fq0syc44b8d4h110fwd0dccbzrqwn0w5m9ge04k95z4vd3w3m5mn1x3zzy8sn670nnt3kk337nbvt0c9jhah5z03cwpg47z3dae64mztw4t9g6ctjhtyx25ggcgn6a8p6n6y933evypsj34x0sz6ewxs7248t2dvqb42h47nv4hek7msht3vpx2rv3jmk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Frame ID: 97A1CC5E921AC57D05EC8F8C19DC250C
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36c5401acc27e%26domain%3Dwww.upmedia.mg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.upmedia.mg%252Ff7ad06fe50cb34%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fwww.facebook.com%2FUPMEDIA.MG%2F%3Ffref%3Dts&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=small
Frame ID: 019F342A5317EF0C8E71DE44A8FDEFF2
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afc708ae4750c%26domain%3Dwww.upmedia.mg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.upmedia.mg%252Ff7ad06fe50cb34%26relation%3Dparent.parent&container_width=978&height=100&href=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&locale=zh_TW&numposts=5&sdk=joey&version=v2.12&width
Frame ID: CA4EACAD60877BCCD5D243AD0E0E6E18
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D125239581431127%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df149a435beeab44%2526domain%253Dwww.upmedia.mg%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.upmedia.mg%25252Ff7ad06fe50cb34%2526relation%253Dparent.parent%26container_width%3D300%26height%3D715%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUPMEDIA.MG%252F%253Ffref%253Dts%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline
Frame ID: 00F78E151A3CAF73DFAD741441E401A7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D2401C11649BA5D424C0F5227B73C9CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 22B63DF22A9F271FDFBAA2E1D56B0A15
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: E666718303A0B70BF8789C14D546EFD9
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

「B站」全站原始碼洩漏　包子帝禁用詞、黑心抽獎內幕全曝光 -- 上報 / 遊戲

Page URL History Show full URLs

https://www.upmedia.mg/news_info.php?SerialNo=61811 HTTP 301
https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12 Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

360
Requests

94 %
HTTPS

46 %
IPv6

61
Domains

94
Subdomains

75
IPs

10
Countries

11530 kB
Transfer

19542 kB
Size

62
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/UPMEDIA.MG/
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCcO7MzLG-NNa3ndE_zklLdg
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=http://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12&src=sdkpreparse
Title: 分享

Search URL Search Domain Scan URL

URL: https://line.naver.jp/R/msg/text/?%E3%80%8CB%E7%AB%99%E3%80%8D%E5%85%A8%E7%AB%99%E5%8E%9F%E5%A7%8B%E7%A2%BC%E6%B4%A9%E6%BC%8F%E3%80%80%E5%8C%85%E5%AD%90%E5%B8%9D%E7%A6%81%E7%94%A8%E8%A9%9E%E3%80%81%E9%BB%91%E5%BF%83%E6%8A%BD%E7%8D%8E%E5%85%A7%E5%B9%95%E5%85%A8%E6%9B%9D%E5%85%89%20%20https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=www.upmedia.mg/news_info.php?SerialNo=61811&Type=12&title=&source=%27https://www.upmedia.mg%27
Title: linkedin

Search URL Search Domain Scan URL

URL: https://zh.wikipedia.org/wiki/GitHub
Title: GitHub

Search URL Search Domain Scan URL

URL: https://www.truvid.com/
Title: About

Search URL Search Domain Scan URL

URL: https://www.truvid.com/terms/
Title: T&C

Search URL Search Domain Scan URL

URL: https://www.truvid.com/terms/privacy_policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.truvid.com/terms/cookie_policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=hot&rid=f2c397449be686d335b9ffc21bae4d43&categories=%5B%22IAB10%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=c59027d4105422f68b8a8247d6dbb72b&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D136906%26Type%3D2&pvsid=89e966e0-87e8-11ec-ab38-53bc1bde498e&experimentId=dee10a7b-22d5-4f8a-9fcf-7ba6a5c297f8&experimentType=AUTO&experimentWidgetId=905658d3-9d15-4f36-948a-db9ce46cf546&experimentWidgetType=AUTO_BASE&experimentChangelogId=81bada1a-b407-4efd-b7f5-a92fad9efab4

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=content&rid=f2c397449be686d335b9ffc21bae4d43&categories=%5B%22IAB3%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=3aec017414080880a4cfeca0eeef7d02&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D136759&pvsid=89e966e0-87e8-11ec-ab38-53bc1bde498e&experimentId=dee10a7b-22d5-4f8a-9fcf-7ba6a5c297f8&experimentType=AUTO&experimentWidgetId=905658d3-9d15-4f36-948a-db9ce46cf546&experimentWidgetType=AUTO_BASE&experimentChangelogId=81bada1a-b407-4efd-b7f5-a92fad9efab4

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=content&rid=f2c397449be686d335b9ffc21bae4d43&categories=%5B%22IAB19%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=344e2286f90c3f4930cad2350945bc19&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D135729&pvsid=89e966e0-87e8-11ec-ab38-53bc1bde498e&experimentId=dee10a7b-22d5-4f8a-9fcf-7ba6a5c297f8&experimentType=AUTO&experimentWidgetId=905658d3-9d15-4f36-948a-db9ce46cf546&experimentWidgetType=AUTO_BASE&experimentChangelogId=81bada1a-b407-4efd-b7f5-a92fad9efab4

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=hot&rid=f2c397449be686d335b9ffc21bae4d43&categories=%5B%22IAB19%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=ecbf1b57f511715b24b82d608090b775&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D136936%26Type%3D24&pvsid=89e966e0-87e8-11ec-ab38-53bc1bde498e&experimentId=dee10a7b-22d5-4f8a-9fcf-7ba6a5c297f8&experimentType=AUTO&experimentWidgetId=905658d3-9d15-4f36-948a-db9ce46cf546&experimentWidgetType=AUTO_BASE&experimentChangelogId=81bada1a-b407-4efd-b7f5-a92fad9efab4

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=content&rid=f2c397449be686d335b9ffc21bae4d43&categories=%5B%22IAB9-30%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=8fb5ae26b696cdc5c669e74070d9bb2c&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D135173&pvsid=89e966e0-87e8-11ec-ab38-53bc1bde498e&experimentId=dee10a7b-22d5-4f8a-9fcf-7ba6a5c297f8&experimentType=AUTO&experimentWidgetId=905658d3-9d15-4f36-948a-db9ce46cf546&experimentWidgetType=AUTO_BASE&experimentChangelogId=81bada1a-b407-4efd-b7f5-a92fad9efab4

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=behavior&rid=f2c397449be686d335b9ffc21bae4d43&categories=%5B%22IAB19%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=98eeca14e9f3fcb91d80d74f79d0d5cb&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D136301%26Type%3D3&pvsid=89e966e0-87e8-11ec-ab38-53bc1bde498e&experimentId=dee10a7b-22d5-4f8a-9fcf-7ba6a5c297f8&experimentType=AUTO&experimentWidgetId=905658d3-9d15-4f36-948a-db9ce46cf546&experimentWidgetType=AUTO_BASE&experimentChangelogId=81bada1a-b407-4efd-b7f5-a92fad9efab4

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=content&rid=f2c397449be686d335b9ffc21bae4d43&categories=%5B%22IAB9-30%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=890c853e4caf13f430b743d3eb6e0fab&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D135254%26Type%3D12&pvsid=89e966e0-87e8-11ec-ab38-53bc1bde498e&experimentId=dee10a7b-22d5-4f8a-9fcf-7ba6a5c297f8&experimentType=AUTO&experimentWidgetId=905658d3-9d15-4f36-948a-db9ce46cf546&experimentWidgetType=AUTO_BASE&experimentChangelogId=81bada1a-b407-4efd-b7f5-a92fad9efab4

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=behavior&rid=f2c397449be686d335b9ffc21bae4d43&categories=%5B%22IAB9-30%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=3eba3d16d70b739860a326c336fc85a8&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D135884&pvsid=89e966e0-87e8-11ec-ab38-53bc1bde498e&experimentId=dee10a7b-22d5-4f8a-9fcf-7ba6a5c297f8&experimentType=AUTO&experimentWidgetId=905658d3-9d15-4f36-948a-db9ce46cf546&experimentWidgetType=AUTO_BASE&experimentChangelogId=81bada1a-b407-4efd-b7f5-a92fad9efab4

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=behavior&rid=f2c397449be686d335b9ffc21bae4d43&categories=%5B%22IAB9-30%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=3a754e47b4c94216aa218259a25a16c9&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D136975%26Type%3D12&pvsid=89e966e0-87e8-11ec-ab38-53bc1bde498e&experimentId=dee10a7b-22d5-4f8a-9fcf-7ba6a5c297f8&experimentType=AUTO&experimentWidgetId=905658d3-9d15-4f36-948a-db9ce46cf546&experimentWidgetType=AUTO_BASE&experimentChangelogId=81bada1a-b407-4efd-b7f5-a92fad9efab4

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=hot&rid=f2c397449be686d335b9ffc21bae4d43&categories=%5B%22IAB7%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=d11185098629348783be7fc9ea861613&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D136946%26Type%3D24&pvsid=89e966e0-87e8-11ec-ab38-53bc1bde498e&experimentId=dee10a7b-22d5-4f8a-9fcf-7ba6a5c297f8&experimentType=AUTO&experimentWidgetId=905658d3-9d15-4f36-948a-db9ce46cf546&experimentWidgetType=AUTO_BASE&experimentChangelogId=81bada1a-b407-4efd-b7f5-a92fad9efab4

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=content&rid=f2c397449be686d335b9ffc21bae4d43&categories=%5B%22IAB3%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=3ed2e20de116af490294e28bb6567c0f&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D134862&pvsid=89e966e0-87e8-11ec-ab38-53bc1bde498e&experimentId=dee10a7b-22d5-4f8a-9fcf-7ba6a5c297f8&experimentType=AUTO&experimentWidgetId=905658d3-9d15-4f36-948a-db9ce46cf546&experimentWidgetType=AUTO_BASE&experimentChangelogId=81bada1a-b407-4efd-b7f5-a92fad9efab4

Search URL Search Domain Scan URL

URL: https://www.google.com.tw/maps/place/104%E5%8F%B0%E5%8C%97%E5%B8%82%E4%B8%AD%E5%B1%B1%E5%8D%80%E9%95%B7%E5%AE%89%E6%9D%B1%E8%B7%AF%E4%B8%80%E6%AE%B563-1%E8%99%9F/@25.0486676,121.5251428,17z/data=!3m1!4b1!4m5!3m4!1s0x3442a965a15047bb:0x6c364fbaced487d7!8m2!3d25.0486676!4d121.5273315
Title: 地址：台北市中山區長安東路一段63之1號5樓

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0V7h0p6PZb-Rl9krLZWQqw
Title: youtube

Search URL Search Domain Scan URL

URL: https://t.me/upmedia_news
Title: telegram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.upmedia.mg/news_info.php?SerialNo=61811 HTTP 301
https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://sb.scorecardresearch.com/b?c1=2&c2=24610009&ns__t=1644219335670&ns_c=UTF-8&cv=3.5&c8=%E3%80%8CB%E7%AB%99%E3%80%8D%E5%85%A8%E7%AB%99%E5%8E%9F%E5%A7%8B%E7%A2%BC%E6%B4%A9%E6%BC%8F%E3%80%80%E5%8C%85%E5%AD%90%E5%B8%9D%E7%A6%81%E7%94%A8%E8%A9%9E%E3%80%81%E9%BB%91%E5%BF%83%E6%8A%BD%E7%8D%8E%E5%85%A7%E5%B9%95%E5%85%A8%E6%9B%9D%E5%85%89%20--%20%E4%B8%8A%E5%A0%B1%20%2F%20%E9%81%8A%E6%88%B2&c7=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=24610009&ns__t=1644219335670&ns_c=UTF-8&cv=3.5&c8=%E3%80%8CB%E7%AB%99%E3%80%8D%E5%85%A8%E7%AB%99%E5%8E%9F%E5%A7%8B%E7%A2%BC%E6%B4%A9%E6%BC%8F%E3%80%80%E5%8C%85%E5%AD%90%E5%B8%9D%E7%A6%81%E7%94%A8%E8%A9%9E%E3%80%81%E9%BB%91%E5%BF%83%E6%8A%BD%E7%8D%8E%E5%85%A7%E5%B9%95%E5%85%A8%E6%9B%9D%E5%85%89%20--%20%E4%B8%8A%E5%A0%B1%20%2F%20%E9%81%8A%E6%88%B2&c7=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&c9=

Request Chain 122

https://securepubads.g.doubleclick.net/tag/js/gpt.js?_=1644219335853 HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 123

https://securepubads.g.doubleclick.net/tag/js/gpt.js?_=1644219335854 HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 186

https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=776964120 HTTP 302
https://dmp.tenmax.io/cmp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cacafly&google_ula=514624859,1644219338&google_hm=aW1jaVlJZm9FZXlGMHpNQ2U3ak1GUT09&google_cm HTTP 302
https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESELahnQdkeYHH1Bw0bNRazik&google_cver=1&google_ula=514624859,0

Request Chain 188

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

Request Chain 189

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc&_origin=0&gdpr=0&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEIwFr6hDVrF-WchmyEOCVag&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1 HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEIwFr6hDVrF-WchmyEOCVag&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIwFr6hDVrF-WchmyEOCVag&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&apid=UP8ad61196-87e8-11ec-b702-02a0f9231304 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIwFr6hDVrF-WchmyEOCVag&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&apid=UP8ad61196-87e8-11ec-b702-02a0f9231304&verify=true

Request Chain 248

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOdJZGAVDYXWkHl6XbU4k8U&google_cver=1&google_push=AYg5qPItVsbMfyW5kHeF8l-TDiBihPErp3yeqbb-ctjrfXQ9BqI7tMBEiL-zUQHmXomBr7YFCiNq6ixXQEspc9qBram2oq3vbl4C&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPItVsbMfyW5kHeF8l-TDiBihPErp3yeqbb-ctjrfXQ9BqI7tMBEiL-zUQHmXomBr7YFCiNq6ixXQEspc9qBram2oq3vbl4C%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOdJZGAVDYXWkHl6XbU4k8U&google_cver=1&google_push=AYg5qPItVsbMfyW5kHeF8l-TDiBihPErp3yeqbb-ctjrfXQ9BqI7tMBEiL-zUQHmXomBr7YFCiNq6ixXQEspc9qBram2oq3vbl4C&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPItVsbMfyW5kHeF8l-TDiBihPErp3yeqbb-ctjrfXQ9BqI7tMBEiL-zUQHmXomBr7YFCiNq6ixXQEspc9qBram2oq3vbl4C%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 249

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHGiT7TFJ4SHOCfRU2BOXrg&google_cver=1&google_push=AYg5qPLQNrtcJt0Ec9XYkEwgD2aRyYd9sXkLO_KZvH2qdHdp9vfQiqHMXN34AnbgtjLjSNqo9BgSmIm0HESqFIImEq6JZrpwhzKh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MTg2ODI3OTg3OTYyODk1NQ%3D%3D&google_push=AYg5qPLQNrtcJt0Ec9XYkEwgD2aRyYd9sXkLO_KZvH2qdHdp9vfQiqHMXN34AnbgtjLjSNqo9BgSmIm0HESqFIImEq6JZrpwhzKh

Request Chain 250

https://ads.travelaudience.com/google_pixel?google_gid=CAESELWAYslReHCkSMeZs1PWVOs&google_cver=1&google_push=AYg5qPKZq4uW1mT-wGxfaHanmSi8uJSymshaxf2p0p3gGyhgz839FIS0_4fZxB3-GwlO1m8HWw7599M6f5Rh54DSbFwS16uI6vV7 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=b8WELLKWTAu3wL76U1mLhA2&google_push=AYg5qPKZq4uW1mT-wGxfaHanmSi8uJSymshaxf2p0p3gGyhgz839FIS0_4fZxB3-GwlO1m8HWw7599M6f5Rh54DSbFwS16uI6vV7

Request Chain 251

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEC1qVHxms1VZVvJyvGaD9OE&google_cver=1&google_push=AYg5qPJRUaAbDiG5i2M0GOwrbzyW6I_NjI71sHzMzXZ9uJ6sk9dmJUdqDG8vcfhHgrDzKViJRt64YdKXifOJVDiK1uhkaKvMgCeF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJRUaAbDiG5i2M0GOwrbzyW6I_NjI71sHzMzXZ9uJ6sk9dmJUdqDG8vcfhHgrDzKViJRt64YdKXifOJVDiK1uhkaKvMgCeF

Request Chain 256

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEISAV3gSBPodk1tuXQDc9_E&google_cver=1&google_push=AYg5qPJ3LImlwWNVzqiSoG5V5S0DqLvJkskZRmy4xTtRqC2CGxj_d26Ng-9d93kBYiJL92gz7J4fOWim0Kv4Wt8NLVM6qc-G2Dk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc0NTk1NzIzMzg3MjAwMTI0OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEISAV3gSBPodk1tuXQDc9_E&google_cver=1

Request Chain 257

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOdJZGAVDYXWkHl6XbU4k8U&google_cver=1&google_push=AYg5qPJECS2ExkX-cwI-RgZHEtFQ_iX-35cLFmrxwVnFGlfMj0yvARxmkT68pYJlhdTR83uJ5woYkrPvz9Lcce9UHQa_TBQMpZYO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJECS2ExkX-cwI-RgZHEtFQ_iX-35cLFmrxwVnFGlfMj0yvARxmkT68pYJlhdTR83uJ5woYkrPvz9Lcce9UHQa_TBQMpZYO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOdJZGAVDYXWkHl6XbU4k8U&google_cver=1&google_push=AYg5qPJECS2ExkX-cwI-RgZHEtFQ_iX-35cLFmrxwVnFGlfMj0yvARxmkT68pYJlhdTR83uJ5woYkrPvz9Lcce9UHQa_TBQMpZYO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJECS2ExkX-cwI-RgZHEtFQ_iX-35cLFmrxwVnFGlfMj0yvARxmkT68pYJlhdTR83uJ5woYkrPvz9Lcce9UHQa_TBQMpZYO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 258

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMjoCHJ_Oif4R_4LGjKkeE8&google_cver=1&google_push=AYg5qPLjOxYIt4V8kIvdK-MJ6V51Wh2W9wvfO9qI6V7bg9XcabYsKp-556ul-axfreXOaft6R34TCcQUKFfhFBqakcWcHmUokqU HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMjoCHJ_Oif4R_4LGjKkeE8&google_cver=1&google_push=AYg5qPLjOxYIt4V8kIvdK-MJ6V51Wh2W9wvfO9qI6V7bg9XcabYsKp-556ul-axfreXOaft6R34TCcQUKFfhFBqakcWcHmUokqU HTTP 302
https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&ssp_uuid=ac248d67-828d-4362-86f6-21ab3db1cb9e HTTP 302
https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&ssp_uuid=ac248d67-828d-4362-86f6-21ab3db1cb9e HTTP 302
https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=google&user_id=a7bd48f8-70d9-41b3-a978-44115e62ad98 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLjOxYIt4V8kIvdK-MJ6V51Wh2W9wvfO9qI6V7bg9XcabYsKp-556ul-axfreXOaft6R34TCcQUKFfhFBqakcWcHmUokqU&google_hm=rCSNZ4KNQ2KG9iGrPbHLng==

Request Chain 260

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECIuBIEJStEabYcYVyG-ebo&google_cver=1&google_push=AYg5qPLPk-t68BTLjrLH66okK6ACmWn6aClg07XZA_9g-R2VurgNn9oG6PZzgQeUV8qL_IIVewXJOuFd5_Y-rZBTi7v9fGiy7oij HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECIuBIEJStEabYcYVyG-ebo&google_cver=1&google_push=AYg5qPLPk-t68BTLjrLH66okK6ACmWn6aClg07XZA_9g-R2VurgNn9oG6PZzgQeUV8qL_IIVewXJOuFd5_Y-rZBTi7v9fGiy7oij&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lESsQRZUQj6SeCaezX7PZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLPk-t68BTLjrLH66okK6ACmWn6aClg07XZA_9g-R2VurgNn9oG6PZzgQeUV8qL_IIVewXJOuFd5_Y-rZBTi7v9fGiy7oij

Request Chain 261

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_cver=1&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc

Request Chain 262

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELW90BXebXMJbs5-YwGIOps&google_cver=1&google_push=AYg5qPLAgnh5ZcIPcuHmSJg_ziPvX2fLai2x9u0zkBf7f6M70R7rOLyYeOJOO1YrC1UTwnHCOqbCEWxw8c_9h_zkLl31BdxTcFIRLA HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELW90BXebXMJbs5-YwGIOps&google_cver=1&google_push=AYg5qPLAgnh5ZcIPcuHmSJg_ziPvX2fLai2x9u0zkBf7f6M70R7rOLyYeOJOO1YrC1UTwnHCOqbCEWxw8c_9h_zkLl31BdxTcFIRLA&apid=UP8ad61196-87e8-11ec-b702-02a0f9231304 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4YWQ2MTE5Ni04N2U4LTExZWMtYjcwMi0wMmEwZjkyMzEzMDQ%3D&google_push=AYg5qPLAgnh5ZcIPcuHmSJg_ziPvX2fLai2x9u0zkBf7f6M70R7rOLyYeOJOO1YrC1UTwnHCOqbCEWxw8c_9h_zkLl31BdxTcFIRLA

Request Chain 277

https://ads.adaptv.advertising.com/a/h/Vr89rLrLhjCAXTy+eBmRt7SSQFggRbNjn0BVyyIABwoBi3ceXl4eXA==?cb=62597628&gdpr=1&gdpr_consent=&us_privacy=1---&pageUrl=https%3A%2F%2Fupmedia.mg&a.ip=217.64.151.7&a.ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36&lat=59.3247&lon=18.056&scpid=597&hp=1&eov=eov&pi.width=978&pi.height=550&pi.viewable=0 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/Vr89rLrLhjCAXTy+eBmRt7SSQFggRbNjn0BVyyIABwoBi3ceXl4eXA==?cb=62597628&gdpr=1&gdpr_consent=&us_privacy=1---&pageUrl=https%3A%2F%2Fupmedia.mg&a.ip=217.64.151.7&a.ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36&lat=59.3247&lon=18.056&scpid=597&hp=1&eov=eov&pi.width=978&pi.height=550&pi.viewable=0&a.y_rid=9402c027-d541-43d3-929c-b9458feab65a&a.is_yahoo=3&redirect_y=dHM9MTY0NDIxOTMzODAzNS4yNzU4Nzk6YXBpZD1VUDhhZDYxMTk2LTg3ZTgtMTFlYy1iNzAyLTAyYTBmOTIzMTMwNDpyZXF1ZXN0X2lkPTk0MDJjMDI3LWQ1NDEtNDNkMy05MjljLWI5NDU4ZmVhYjY1YQ==

Request Chain 285

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidF9SIIBsUtV1cES_dGQedjRwL_dWotX5hasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidF9SIIBsUtV1cES_dGQedjRwL_dWotX5hasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=

Request Chain 294

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidEqHinm5zKdG3ma7A1yVwsHQZe4d2jbmoasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidEqHinm5zKdG3ma7A1yVwsHQZe4d2jbmoasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=

Request Chain 317

https://www.facebook.com/v2.12/plugins/comments.php?app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afc708ae4750c%26domain%3Dwww.upmedia.mg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.upmedia.mg%252Ff7ad06fe50cb34%26relation%3Dparent.parent&container_width=978&height=100&href=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&locale=zh_TW&numposts=5&sdk=joey&version=v2.12&width= HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afc708ae4750c%26domain%3Dwww.upmedia.mg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.upmedia.mg%252Ff7ad06fe50cb34%26relation%3Dparent.parent&container_width=978&height=100&href=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&locale=zh_TW&numposts=5&sdk=joey&version=v2.12&width HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afc708ae4750c%26domain%3Dwww.upmedia.mg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.upmedia.mg%252Ff7ad06fe50cb34%26relation%3Dparent.parent&container_width=978&height=100&href=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&locale=zh_TW&numposts=5&sdk=joey&version=v2.12&width

Request Chain 318

https://www.facebook.com/v2.12/plugins/page.php?adapt_container_width=true&app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df149a435beeab44%26domain%3Dwww.upmedia.mg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.upmedia.mg%252Ff7ad06fe50cb34%26relation%3Dparent.parent&container_width=300&height=715&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FUPMEDIA.MG%2F%3Ffref%3Dts&locale=zh_TW&sdk=joey&show_facepile=true&small_header=false&tabs=timeline HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D125239581431127%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df149a435beeab44%2526domain%253Dwww.upmedia.mg%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.upmedia.mg%25252Ff7ad06fe50cb34%2526relation%253Dparent.parent%26container_width%3D300%26height%3D715%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUPMEDIA.MG%252F%253Ffref%253Dts%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline

Request Chain 352

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

360 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request news_info.php Show response
www.upmedia.mg/
Redirect Chain

https://www.upmedia.mg/news_info.php?SerialNo=61811
https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

75 KB
29 KB

1387ms
1386ms

Document
text/html

192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

3a981a7288749d6367a3c453280a7d1243529579a45366d25afbfe3375edb91a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 07 Feb 2022 07:35:34 GMT
content-type: text/html; charset=UTF-8
x-sucuri-id: 15015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding
x-sucuri-cache: MISS

Redirect headers

server: nginx
date: Mon, 07 Feb 2022 07:35:33 GMT
content-type: text/html; charset=UTF-8
content-length: 86
location: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
x-sucuri-id: 15015
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
vary: Accept-Encoding
x-sucuri-cache: MISS

GET
H2 200 style-new-v4.min.css
www.upmedia.mg/css/ 78 KB
20 KB 9ms
9ms Stylesheet
text/css 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/css/style-new-v4.min.css

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

7da7718bf81eaad9e51fa1ed9cdd920bbd001a672891e4632861d33cee253776

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Dec 2021 14:38:04 GMT
server: nginx
etag: "1398b-5d45e008926e0-gzip"
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style_202102_topad.css
www.upmedia.mg/css/ 857 B
785 B 11ms
10ms Stylesheet
text/css 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/css/style_202102_topad.css

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

ed5e0b23e098a4b9bee661a904db54dd8bcdbfce9438db83298465431b14a9ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 417
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 04:56:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "359-5be553cda7280-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fonts.css
www.upmedia.mg/css/ 217 KB
97 KB 14ms
14ms Stylesheet
text/css 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/css/fonts.css

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

ea9a7cc743f85d8125ace5b7f7dac003957cde3ee374e88d560acbab98317885

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Jan 2020 07:50:48 GMT
server: nginx
etag: "363b0-59c3d1550c410-gzip"
x-frame-options: SAMEORIGIN
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.min.css
www.upmedia.mg/css/ 1 KB
794 B 18ms
18ms Stylesheet
text/css 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/css/owl.carousel.min.css

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

5ba1cc8ace5bd2f8b0b185898e42649829fd86f1c1f270d3596f3d41ae4c34f5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 426
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Jan 2020 07:18:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "49b-59c50be65ab20-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK prod-global-551817.js Show response
rtbcdn.andbeyond.media/ 116 KB
12 KB 54ms
9ms Script
text/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbcdn.andbeyond.media/prod-global-551817.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 8f07ec3f0f12595bc6d0feb1efeb25ab8ffd8171f44c90245abbe9aaaf898f14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 07:35:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 10:21:48 GMT
ETag: "1633342908"
X-HW: 1644219335.dop108.fr8.t,1644219335.cds243.fr8.shn,1644219335.dop108.fr8.t,1644219335.cds216.fr8.c
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1725
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 12143

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 43ms
16ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a7e524db359a94a66ea75b97e81a52932f0e10a04deabb49fb73ec5d038946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27225
x-xss-protection: 0
server: sffe
etag: "1124 / 54 of 1000 / last-modified: 1644015869"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Feb 2022 07:35:35 GMT

GET
H2 200 jquery.modal.css
www.upmedia.mg/jquery-modal/ 4 KB
2 KB 18ms
18ms Stylesheet
text/css 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/jquery-modal/jquery.modal.css

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

70270e26cdc41ff47602e2bcdc1f24d740da3330e6466cd472c24b6821e93885

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 1920
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Dec 2019 02:56:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "e05-598d7f48fd210-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
53 KB 51ms
27ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1320194567067211

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca53103d383d18a92eb0f454ad90c2ef7edca35ac8c017cd700a3ac7ca2b3dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53505
x-xss-protection: 0
server: cafe
etag: 14699866563855160999
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 07:35:35 GMT

GET
H2 200 linebutton_84x20_zh-hant.png
www.upmedia.mg/images/line/ 3 KB
4 KB 11ms
8ms Image
image/png 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/line/linebutton_84x20_zh-hant.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

e9c2ea51112f76d8a1d637d680db5d0d0f662744e0a28dd950fe262fc3b08e91

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 3244
x-xss-protection: 1; mode=block
last-modified: Mon, 22 May 2017 06:44:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "c71-550173454dd00-gzip"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20190423001611817326.png
www.upmedia.mg/upload/article/ 460 KB
451 KB 664ms
661ms Image
image/png 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20190423001611817326.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

55430db3ae14cc7856891c023050bb1f60e0152cafb69adfadaa8a3e3ea3a258

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 16:16:12 GMT
server: nginx
etag: "72ebf-58720c9767868-gzip"
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 51ms
21ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

2677a9e641a6705292e1c0cfc94317ab2ad70a607ff8fd52ed5dd99721acc6ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27233
x-xss-protection: 0
server: sffe
etag: "1124 / 726 of 1000 / last-modified: 1644015917"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Feb 2022 07:35:35 GMT

GET
H2 200 BV190422234529978112.jpg
www.upmedia.mg/upload/content/20190422/ 206 KB
198 KB 391ms
388ms Image
image/jpeg 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/content/20190422/BV190422234529978112.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

0c0084cfd1cebbbd3de8d057d0c43f0afe6851d69e0d69ee5bcfcab513c89d39

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 15:45:30 GMT
server: nginx
etag: "33665-587205ba86c88-gzip"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 print.css
www.upmedia.mg/css/ 615 B
732 B 16ms
15ms Stylesheet
text/css 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/css/print.css

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

fe20a993ae539a56ec5c5f6e9991a77eb9874de4aefb05e91addf16e10142a8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 365
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2017 07:23:07 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "267-54b4ca1c20cc0-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5443
date: Mon, 07 Feb 2022 06:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 07 Feb 2022 08:04:52 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 27ms
6ms Script
application/javascript 18.66.97.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-14.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 24672489
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: Kx4cNsBNgpOG7cq9b-u1EDHY7mTLX4X0amcebEQlLfyqVOtcmSdnBQ==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 41ms
12ms Script
application/javascript 108.157.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-80.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 04:14:45 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 12052
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: lcfqoz6THLar1BvVfjjw79ntMXC_YcCqrxbQ-pEwhTnlDDRch5geWw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 240 KB
64 KB 46ms
15ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9F4QDN&timestamp=1644219335431

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1c2df328b04c0db753d3f12631a5f032c7475f69daafe966392c70ee078e39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64863
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Feb 2022 07:35:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
40 KB 48ms
18ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKB8VFG&timestamp=1644219335431

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d21c2081bffbbc75c4bbd7a0dfadd849be0b37ab0069baae002446d04d16edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40859
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Feb 2022 07:35:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 73 KB
29 KB 65ms
34ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKTGTGG

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f5ddf54b7227d86964934f2780bfd89f8ad61b282d9807d96d54617383be52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29613
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Feb 2022 07:35:35 GMT

GET
H2 200 pvmax.js Show response
api.pvmax.net/v1.0/ 77 KB
25 KB 86ms
28ms Script
application/javascript 2606:4700:10::6816:4a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pvmax.net/v1.0/pvmax.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa70ba5d38e5e05f0befc6a7e1b3e6c790d5c402cfe43677547c712a092bf864

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1608105949
age: 779
cf-polished: origSize=79048
x-guploader-uploadid: ABg5-UzViWRI3QoZZ5sVXuHD3dUasgoFpAGgdoSf2RCcUXk1D_sxM5kv2dRsoPrvAuN-vGKL4uFqloWUXXK-CsiRTw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
expires: Mon, 07 Feb 2022 07:49:47 GMT
last-modified: Wed, 16 Dec 2020 08:05:56 GMT
server: cloudflare
etag: W/"b9b7aef9f8d3775ac5c77a0700706f3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=D+80vg==, md5=ubeu+fjTd1rFx3oHAHBvPg==
x-goog-generation: 1608105956342227
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 79048
cf-ray: 6d9af13f08ce3752-MXP
cf-bgj: minify

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 32ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ce7e5db9f00c0c970069c4d160e5527174f843f9eec79676c505953e5b4718bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tsIwUTNGR0ocEOGS6PIhAg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 07 Feb 2022 07:53:12 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 3FD01KyHUFdPtp2A9qHcLjpsLH0KYJd3CEhmiRJWixoxdpmSJU8IcXadUNC0hY26yX5MTL8m2I4kvRdwYix2EA==
x-fb-trip-id: 686109401
x-fb-content-md5: 1b6376b598a7f034ba28864bd64bc5ee
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 07 Feb 2022 07:35:35 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c776dc953afc8b6f081632713f548c7b"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 404 bg_dragonboat_pc.jpg
www.upmedia.mg/css/images/ 196 B
196 B 478ms
477ms Image
text/html 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/css/images/bg_dragonboat_pc.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=iso-8859-1
x-sucuri-cache: EXPIRED
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
content-length: 196
x-xss-protection: 1; mode=block

GET
H2 200 mail.png
www.upmedia.mg/images/ 3 KB
3 KB 17ms
15ms Image
image/png 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/mail.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

7f523921b7e888f3e482e56d75c93f14b76dd9a20decf4b8f37d2a9542abb5cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 3172
x-xss-protection: 1; mode=block
last-modified: Mon, 22 May 2017 06:44:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "c36-550173454dd00-gzip"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 social2.png
www.upmedia.mg/images/ 4 KB
4 KB 20ms
17ms Image
image/png 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/social2.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

3c0f5260093d770d9f37b112bc019f2f9e71984903ab4b11ba27890e9019e2b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 4024
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Sep 2018 03:13:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "f94-576a97d856cc0-gzip"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logonew.png
www.upmedia.mg/images/ 22 KB
8 KB 22ms
20ms Image
image/png 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/logonew.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

523a5fb369d89cf63830b479941136c43333a1b5de77501e936efe6a7b4761ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 8249
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Aug 2019 03:19:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5698-59083edf623c0-gzip"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search.png
www.upmedia.mg/images/ 3 KB
4 KB 23ms
22ms Image
image/png 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/search.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

192742672a5a9bb357b5b6d1d8a850e838634ac7ce9f5647472a74cc9ac0b759

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 3231
x-xss-protection: 1; mode=block
last-modified: Mon, 22 May 2017 06:44:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "c73-550173454dd00-gzip"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gh190422235036433342.png
www.upmedia.mg/upload/content/20190422/ 260 KB
250 KB 521ms
517ms Image
image/png 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/content/20190422/gh190422235036433342.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

284420fd70bbf14ac974f7500fc85d2f82bd1bba50f9d122a910261fda74d0bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 15:50:36 GMT
server: nginx
etag: "40fed-587206dec9630-gzip"
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fA190422235048778588.png
www.upmedia.mg/upload/content/20190422/ 77 KB
74 KB 511ms
506ms Image
image/png 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/content/20190422/fA190422235048778588.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

afb98097980721208768ce622a4e9cafbce2e73547eec2b42c5308b1f3d5f884

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 15:50:48 GMT
server: nginx
etag: "135db-587206ea8e538-gzip"
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hj190422235813493468.jpg
www.upmedia.mg/upload/content/20190422/ 111 KB
103 KB 502ms
498ms Image
image/jpeg 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/content/20190422/hj190422235813493468.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

65afaea4082ad768c0ed8556a78d1a2e3f9d555b7f599ff9680da3fc2dd2e11d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 15:58:13 GMT
server: nginx
etag: "1bde7-58720892b8050-gzip"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bb190422235559578719.png
www.upmedia.mg/upload/content/20190422/ 18 KB
18 KB 496ms
493ms Image
image/png 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/content/20190422/bb190422235559578719.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

56194001dac6cb197d9bb1f8583c2959743d39e6b3aa12c7fbef3d7227912f8e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 15:55:59 GMT
server: nginx
etag: "47b9-58720812f20f0-gzip"
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 PO190422235617099473.png
www.upmedia.mg/upload/content/20190422/ 36 KB
35 KB 664ms
661ms Image
image/png 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/content/20190422/PO190422235617099473.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

82a463a0caf7fe5469197d58dc03113d5bebaecbaf858c0355958ae47f71bd26

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 15:56:17 GMT
server: nginx
etag: "8efe-58720823a95b0-gzip"
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5099.js Show response
go.trvdp.com/init/ 23 KB
23 KB 67ms
15ms Script
binary/octet-stream 2600:9000:223f:400:3:7e1c:5b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/5099.js?pid=2250
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:400:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a4f6bbc3f8a2317741fac36da2b33069fd36fc14574f1badad32fb276f442c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 09:57:33 GMT
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jan 2021 13:40:20 GMT
server: AmazonS3
age: 3361083
etag: "4d0e7fd42182c4b0ee6c8ef1c665c1f9"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 23347
x-amz-cf-id: z5lmDE3x7yFtD2DlycAqp8EDLso9_XNqlLWSbepskJmfRn3rYe7GXQ==

GET
H2 200 20190423025438538734.jpg
www.upmedia.mg/upload/article/ 287 KB
288 KB 495ms
492ms Image
image/jpeg 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20190423025438538734.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

dcd89d1c043925d2a95d045bbe68dccdfbbe4c1507f4d16b8ec798c13ade4862

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 18:54:38 GMT
server: nginx
etag: "47b0c-587230017a908-gzip"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20190423031232126026.jpg
www.upmedia.mg/upload/article/ 252 KB
251 KB 770ms
767ms Image
image/jpeg 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20190423031232126026.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

98611fb5fb431ae9e99a4a7874cb10a31a77e7203d94fa89322dab12b2d97c66

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 19:12:32 GMT
server: nginx
etag: "3f00e-587234014f650-gzip"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20220207153047263680.jpg
www.upmedia.mg/upload/article/ 275 KB
266 KB 494ms
491ms Image
image/jpeg 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20220207153047263680.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

7ea8a16a61f5625dd76ee52847e1510a60a5b2ca99bcc3083503e298f1614bac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Feb 2022 07:30:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "44cb5-5d768944060f8-gzip"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20220115144048330565.jpg
www.upmedia.mg/upload/article/ 250 KB
241 KB 26ms
24ms Image
image/jpeg 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20220115144048330565.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

c67f5533a52e08a12f9d0bcd325818bc0edc0646afdc68ee1b655375432ab6b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 15 Jan 2022 06:40:48 GMT
server: nginx
etag: "3e9ca-5d59933262a08-gzip"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20220207153520677331.jpg
www.upmedia.mg/upload/article/ 326 KB
316 KB 507ms
505ms Image
image/jpeg 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20220207153520677331.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

c76cec18a32b6e1b3beb109e20039399f107af3caa981e4cdc2b6d6ac2cf7d6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Feb 2022 07:35:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "51940-5d768a48c5868-gzip"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20220207100325848268.jpg
www.upmedia.mg/upload/article/ 292 KB
281 KB 43ms
41ms Image
image/jpeg 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20220207100325848268.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

fe3b65a64c2e2749b48987bc14fe3c15a89a9fa5dc98cf1b2ca63e245e631178

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Feb 2022 02:03:25 GMT
server: nginx
etag: "4914d-5d7640187be40-gzip"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20220123152253889289.jpg
www.upmedia.mg/upload/article/ 263 KB
255 KB 44ms
42ms Image
image/jpeg 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20220123152253889289.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

e98570a175218d747c7a1bb83fb065c6bd93ab57ae63cb08bd445501a82e4d10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 23 Jan 2022 07:22:54 GMT
server: nginx
etag: "41d2c-5d63ab86aea18-gzip"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20220205112720028330.jpg
www.upmedia.mg/upload/article/ 205 KB
196 KB 44ms
42ms Image
image/jpeg 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20220205112720028330.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

cec6b6ad4d53f4c3390739f35ce07346303e7113b724fc8a3cae4a7efe3a1e67

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 05 Feb 2022 03:27:20 GMT
server: nginx
etag: "3346c-5d73cf1e8c618-gzip"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
www.upmedia.mg/js/ 90 KB
40 KB 44ms
42ms Script
application/javascript 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/js/jquery.min.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 27 Jul 2019 10:35:52 GMT
server: nginx
etag: "169d5-58ea739165200-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.min.js Show response
www.upmedia.mg/js/ 22 KB
8 KB 44ms
42ms Script
application/javascript 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/js/owl.carousel.min.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

970039be8affcc2a4784a06e910565bd7511b6743376371298fd01b91e417223

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 7980
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Jan 2020 07:38:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5984-59c510864fb68-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.modal.js Show response
www.upmedia.mg/jquery-modal/ 8 KB
3 KB 44ms
42ms Script
application/javascript 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/jquery-modal/jquery.modal.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

5e7df6c60a179d2271ef21754dcd1616423c59bba9164972968ac72c17aed020

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 2739
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Dec 2019 02:36:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1ef9-598d7ade03198-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 79ms
32ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 303092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnmYx4%2FYub6XsSZnBQ5ZWaRFi%2F%2FZHG2seNfKaeN97BToUZB4JMGk52GbQ%2FKA6ybe6JCikf1fFG%2FvVzrIUfgVVJ9fhwFyWavT2q5kGPnJUKJ%2FJxgFFCZ1auL9RYpp5rqyaHg%2BUOwpYbYArmJmDYyOp3Dk"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d9af13f78035a19-MXP
expires: Sat, 28 Jan 2023 07:35:35 GMT

GET
H2 200 script.js Show response
www.upmedia.mg/js/ 3 KB
2 KB 44ms
43ms Script
application/javascript 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/js/script.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

dfd68e03d7b553507febb49143ed808b0cb300d962a6203781b4735a678dcef2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 1180
x-xss-protection: 1; mode=block
last-modified: Sat, 27 Jul 2019 13:50:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "c75-58ea9f2b33000-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 188ms
47ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: 1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 07:35:35 GMT
Content-Encoding: gzip
Age: 1061
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29179
x-tw-cdn: VZ
Last-Modified: Tue, 01 Feb 2022 20:03:56 GMT
Server: ECS (mil/6CE4)
Etag: "94840c3a0697481258cd2b28513e7509+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 ic_um_like.png
www.upmedia.mg/images/ 222 B
561 B 42ms
42ms Image
image/png 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/ic_um_like.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

4c66cf58bddf9101dd5e3d83235728a64c8e7ef7032c4bcbbcc91b8aa7dcac18

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 193
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Apr 2018 09:13:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "de-56abccc079c40-gzip"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 social.png
www.upmedia.mg/images/ 5 KB
5 KB 42ms
42ms Image
image/png 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/social.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

a30b2e4dc3ebbd7beac019d3b53cc44239304f0c1b1a1f501298385ad340cc0c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 5233
x-xss-protection: 1; mode=block
last-modified: Mon, 22 May 2017 06:44:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "146a-550173454dd00-gzip"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pubads_impl_2022020101.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
119 KB 14ms
12ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 04:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121756
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 09:38:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Feb 2023 04:18:28 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 323 B
184 B 50ms
25ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.upmedia.mg

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

35f4192951a6c9536f165e7e3572304b0fda4d2e7cf33bb5001ac096896c36d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159
x-xss-protection: 0
expires: Mon, 07 Feb 2022 07:35:35 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 65ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-551817.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15283"
vary: Accept-Encoding
x-hw: 1644219335.dop212.ml1.t,1644219335.cds212.ml1.hn,1644219335.cds202.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H/1.1 200
OK passback-without-url-jan.js Show response
rtbpass-us.andbeyond.media/ 398 KB
126 KB 78ms
8ms Script
application/javascript 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbpass-us.andbeyond.media/passback-without-url-jan.js
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-551817.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 45161f4b388b7f8047e0fb82dd210e670b93161a18b07b61ed3604de212d9063

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 07:35:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 17:31:00 GMT
Server: AmazonS3
x-amz-request-id: Q0X2KFJFHWPZQXEK
ETag: "2c4e5b969f8407ca3b285b70b8a88e27"
X-HW: 1644219335.dop131.fr8.t,1644219335.cds002.fr8.shn,1644219335.cds002.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=19216579
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 128489
x-amz-id-2: EbQ1n7hNaTmLqE/9EBAa8gpmJ71e36bHG/h1TVpxNfHf/cr7Z/XdbXT18ocT49j9dH+bYTO4WAw=

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/ 286 KB
103 KB 54ms
33ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1320194567067211&plah=www.upmedia.mg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1320194567067211

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

936a96afcde77875ce1b932be875ad57396d7b54dafdc05a190c994d14112630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105569
x-xss-protection: 0
server: cafe
etag: 737233414951617841
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 07:35:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/ Frame BDA1 10 KB
5 KB 34ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1320194567067211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Sun, 06 Feb 2022 16:33:14 GMT
expires: Sun, 20 Feb 2022 16:33:14 GMT
cache-control: public, max-age=1209600
age: 54141
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 27ms
6ms Image
image/gif 13.32.99.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%E3%80%8CB%E7%AB%99%E3%80%8D%E5%85%A8%E7%AB%99%E5%8E%9F%E5%A7%8B%E7%A2%BC%E6%B4%A9%E6%BC%8F%E3%80%80%E5%8C%85%E5%AD%90%E5%B8%9D%E7%A6%81%E7%94%A8%E8%A9%9E%E3%80%81%E9%BB%91%E5%BF%83%E6%8A%BD%E7%8D%8E%E5%85%A7%E5%B9%95%E5%85%A8%E6%9B%9D%E5%85%89%20--%20%E4%B8%8A%E5%A0%B1%20%2F%20%E9%81%8A%E6%88%B2&time=1644219335667&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&random_number=16038492271&sess_cookie=1e713ca317ed31c03f3a9d5e1c6&sess_cookie_flag=1&user_cookie=1e713ca317ed31c03f3a9d5e1c6&user_cookie_flag=1&dynamic=true&domain=upmedia.mg&account=JI/1p1IWx810WR&jsv=20130128&user_lang=en-US
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-94.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 04:13:31 GMT
Via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 12124
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA60-P3
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: 8BdKBBd7V1AKR03-Cl2JLrx55tBgBwoC8y4y2z71i2Vs-3ni9iOa2A==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 477ms
159ms Image
text/plain 54.213.59.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.59.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-59-33.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
server: Server

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=24610009&ns__t=1644219335670&ns_c=UTF-8&cv=3.5&c8=%E3%80%8CB%E7%AB%99%E3%80%8D%E5%85%A8%E7%AB%99%E5%8E%9F%E5%A7%8B%E7%A2%BC%E6%B4%A9%E6%BC%8F%E3%80%80%E5%...
https://sb.scorecardresearch.com/b2?c1=2&c2=24610009&ns__t=1644219335670&ns_c=UTF-8&cv=3.5&c8=%E3%80%8CB%E7%AB%99%E3%80%8D%E5%85%A8%E7%AB%99%E5%8E%9F%E5%A7%8B%E7%A2%BC%E6%B4%A9%E6%BC%8F%E3%80%80%E5...

0
224 B

14ms
14ms

Image
text/plain

108.157.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=24610009&ns__t=1644219335670&ns_c=UTF-8&cv=3.5&c8=%E3%80%8CB%E7%AB%99%E3%80%8D%E5%85%A8%E7%AB%99%E5%8E%9F%E5%A7%8B%E7%A2%BC%E6%B4%A9%E6%BC%8F%E3%80%80%E5%8C%85%E5%AD%90%E5%B8%9D%E7%A6%81%E7%94%A8%E8%A9%9E%E3%80%81%E9%BB%91%E5%BF%83%E6%8A%BD%E7%8D%8E%E5%85%A7%E5%B9%95%E5%85%A8%E6%9B%9D%E5%85%89%20--%20%E4%B8%8A%E5%A0%B1%20%2F%20%E9%81%8A%E6%88%B2&c7=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&c9=
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Server: 108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-80.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: pYT7o8wlUbT3aqkP145oxS6MBdSVRRkV1_fBTukp5zg1P4QCQHif8g==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 07 Feb 2022 07:35:35 GMT
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=24610009&ns__t=1644219335670&ns_c=UTF-8&cv=3.5&c8=%E3%80%8CB%E7%AB%99%E3%80%8D%E5%85%A8%E7%AB%99%E5%8E%9F%E5%A7%8B%E7%A2%BC%E6%B4%A9%E6%BC%8F%E3%80%80%E5%8C%85%E5%AD%90%E5%B8%9D%E7%A6%81%E7%94%A8%E8%A9%9E%E3%80%81%E9%BB%91%E5%BF%83%E6%8A%BD%E7%8D%8E%E5%85%A7%E5%B9%95%E5%85%A8%E6%9B%9D%E5%85%89%20--%20%E4%B8%8A%E5%A0%B1%20%2F%20%E9%81%8A%E6%88%B2&c7=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&c9=
content-length: 496
x-amz-cf-id: ypVHVIpKz2HaslQzgJYmYGXMwqtO-VbwaAvwB00ZvBCZd4yDd9ameA==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 32ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=660759529&t=pageview&_s=1&dl=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&ul=en-us&de=UTF-8&dt=%E3%80%8CB%E7%AB%99%E3%80%8D%E5%85%A8%E7%AB%99%E5%8E%9F%E5%A7%8B%E7%A2%BC%E6%B4%A9%E6%BC%8F%E3%80%80%E5%8C%85%E5%AD%90%E5%B8%9D%E7%A6%81%E7%94%A8%E8%A9%9E%E3%80%81%E9%BB%91%E5%BF%83%E6%8A%BD%E7%8D%8E%E5%85%A7%E5%B9%95%E5%85%A8%E6%9B%9D%E5%85%89%20--%20%E4%B8%8A%E5%A0%B1%20%2F%20%E9%81%8A%E6%88%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=752629360&gjid=195507200&cid=501655294.1644219336&tid=UA-80236651-1&_gid=1040507976.1644219336&_r=1&_slc=1&z=919253772

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upmedia.mg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=660759529&t=pageview&_s=1&dl=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&ul=en-us&de=UTF-8&dt=%E3%80%8CB%E7%AB%99%E3%80%8D%E5%85%A8%E7%AB%99%E5%8E%9F%E5%A7%8B%E7%A2%BC%E6%B4%A9%E6%BC%8F%E3%80%80%E5%8C%85%E5%AD%90%E5%B8%9D%E7%A6%81%E7%94%A8%E8%A9%9E%E3%80%81%E9%BB%91%E5%BF%83%E6%8A%BD%E7%8D%8E%E5%85%A7%E5%B9%95%E5%85%A8%E6%9B%9D%E5%85%89%20--%20%E4%B8%8A%E5%A0%B1%20%2F%20%E9%81%8A%E6%88%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=798640389&gjid=1446017799&cid=501655294.1644219336&tid=UA-80236651-3&_gid=1040507976.1644219336&_r=1&_slc=1&z=2040913720

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upmedia.mg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 285 KB
80 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=b6fad95bc4b7236770f9050b97a62cd8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

05e7681f1d0e7dc45e751a6506773483c3c401ddb0dc9e9bbe39af7c7d57d4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 8UBPnfdLpwjVyNEkYu24Gw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 07 Feb 2023 07:26:05 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82145
x-fb-rlafr: 0
x-fb-debug: GcNbZRMpvtgR0lV7WVGHeW+tyXjUaUIbhblsM5rt+Ey7bakajpjqzlx/IqwBS7MwvlX+7t1PO/SufQ3cHoNpgg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e915acbd0f2bbaaf6509a51da0fbd50f
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Feb 2022 07:35:35 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ca98144a057bd98b064772baaa24700f"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 recmd Show response
pvmax.tenmax.io/kiangi/ 32 KB
8 KB 1022ms
334ms Script
application/javascript 35.186.245.165
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pvmax.tenmax.io/kiangi/recmd?widgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&canonical=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&ogurl=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&pvsid=89e966e0-87e8-11ec-ab38-53bc1bde498e&cacheBuster=1644219335758&callback=jsonp_callback_1644219335756
Requested by: Host: api.pvmax.net
URL: https://api.pvmax.net/v1.0/pvmax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.245.165 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 165.245.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 254cdbcb4f52ac1abdd3921b472cc8f90b0a5bf6bcd6db02e255fd409e6d4c12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
pvmax_experiment_changelogid: 81bada1a-b407-4efd-b7f5-a92fad9efab4
pvmax_time: 1644219336
pvmax_experiment_widgetid: 905658d3-9d15-4f36-948a-db9ce46cf546
pvmax_categories: ["IAB19"]
pvmax_impid: [{"rid":"890c853e4caf13f430b743d3eb6e0fab","dsType":"content","pinnedPosition":null},{"rid":"344e2286f90c3f4930cad2350945bc19","dsType":"content","pinnedPosition":null},{"rid":"3aec017414080880a4cfeca0eeef7d02","dsType":"content","pinnedPosition":null},{"rid":"8fb5ae26b696cdc5c669e74070d9bb2c","dsType":"content","pinnedPosition":null},{"rid":"bddbe5d2606e83f31616c1fecddc02ee","dsType":"content","pinnedPosition":null},{"rid":"3ed2e20de116af490294e28bb6567c0f","dsType":"content","pinnedPosition":null},{"rid":"3eba3d16d70b739860a326c336fc85a8","dsType":"behavior","pinnedPosition":null},{"rid":"98eeca14e9f3fcb91d80d74f79d0d5cb","dsType":"behavior","pinnedPosition":null},{"rid":"3a754e47b4c94216aa218259a25a16c9","dsType":"behavior","pinnedPosition":null},{"rid":"c59027d4105422f68b8a8247d6dbb72b","dsType":"hot","pinnedPosition":null},{"rid":"ecbf1b57f511715b24b82d608090b775","dsType":"hot","pinnedPosition":null},{"rid":"d11185098629348783be7fc9ea861613","dsType":"hot","pinnedPosition":null}]
pvmax_experimentid: dee10a7b-22d5-4f8a-9fcf-7ba6a5c297f8
pvmax_experimenttype: AUTO
pvmax_sessionid: 89e966e0-87e8-11ec-ab38-53bc1bde498e
pvmax_ref: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin: *
pvmax_experiment_widgettype: AUTO_BASE
pvmax_rid: f2c397449be686d335b9ffc21bae4d43
pvmax_desktoptag: grid-3
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
pvmax_widgetid: 8eb438d4-b9e7-4757-87ec-d3d7912acd82
via: 1.1 google
pvmax_impcount: 12
pvmax_siteid: 6e38eb73-9747-4973-a041-1e42effc8860
pvmax_mobiletag: sandwich
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
pvmax_region: tw
pvmax_tplid: 317

GET
H2 200 uuid_iframe.php Show response
auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/ Frame ADCF 2 KB
1 KB 306ms
264ms Document
text/html 34.96.95.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.95.4 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.95.96.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 294b0c2e3ec3edc89ec51dcef5ef2e099b3111a0634b2e7121cd249744d39b3a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-length: 917
content-type: text/html; charset=UTF-8
via: 1.1 google
alt-svc: clear

POST
H2 200 php_redis.php Show response
elephant.likr.com.tw/elephant_api/ 32 B
328 B 310ms
271ms XHR
text/html 34.107.213.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephant.likr.com.tw/elephant_api/php_redis.php
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.213.174 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.213.107.34.bc.googleusercontent.com
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: 0a3d695e561ce2372a5a2a0a99c94b073691a630025ff56728e27701bb148c32

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.upmedia.mg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
via: 1.1 google
server: nginx/1.12.2
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-CSRF-TOKEN
x-powered-by: PHP/5.4.16
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html
access-control-allow-origin: https://www.upmedia.mg
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 get_client_ip_for_ring.php Show response
load-balancer.likr.com.tw/pushServer/ 14 B
222 B 314ms
265ms XHR
text/html 35.190.46.27
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://load-balancer.likr.com.tw/pushServer/get_client_ip_for_ring.php
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.46.27 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 27.46.190.35.bc.googleusercontent.com
Software: nginx/1.16.0 / PHP/5.6.40
Resource Hash: 9a14fb9bd4e426e21de3096c2c248cc3be38d0eb46ff3cd62b8e8ae54ed4501a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.upmedia.mg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
via: 1.1 google
server: nginx/1.16.0
access-control-allow-headers: X-CSRF-Token
x-powered-by: PHP/5.6.40
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.upmedia.mg
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 event_tracker_gtm.js Show response
rhea-cache.advividnetwork.com/tracker/ 42 KB
8 KB 75ms
24ms Script
application/javascript 2606:4700:10::6816:3bf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rhea-cache.advividnetwork.com/tracker/event_tracker_gtm.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea3bc8af6678d38415f2da755b0062dfe5595482c18040c1b2b411667946eba9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 07 Feb 2022 07:08:52 GMT
server: cloudflare
age: 1523
etag: "a801-5d76845e6d8f8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d9af14128e53754-MXP
content-length: 7438

GET
H2 200 avivid_pseudo_native_subscribe.css
avivid.likr.tw/avivid_css/avivid_pseudo_native_subscribe/ 444 B
362 B 85ms
29ms Stylesheet
text/css 2606:4700:10::6816:2a5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/avivid_css/avivid_pseudo_native_subscribe/avivid_pseudo_native_subscribe.css
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2a5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fdffe46c571b0b392a68f61772f38210b2172738fc1dac3be70794daefebf6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1380
last-modified: Fri, 03 Nov 2017 02:54:19 GMT
server: cloudflare
etag: W/"1e0019-1bc-55d0b38977fa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 6d9af1413cbb59e3-MXP
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H2 200 uuid_iframe.php Show response
auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/ Frame E85B 2 KB
980 B 285ms
265ms Document
text/html 34.96.95.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.95.4 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.95.96.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 294b0c2e3ec3edc89ec51dcef5ef2e099b3111a0634b2e7121cd249744d39b3a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-length: 917
content-type: text/html; charset=UTF-8
via: 1.1 google
alt-svc: clear

GET
H2 200 ios_water_webpush_v21.js Show response
avivid.likr.tw/api/ 51 KB
10 KB 78ms
27ms Script
text/javascript 2606:4700:10::6816:2a5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/api/ios_water_webpush_v21.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2a5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb908a6b893a5ad58cab0a290445411258f8dfe5433928b5d676cf031bda8d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4187
last-modified: Wed, 26 Jan 2022 10:38:45 GMT
server: cloudflare
etag: W/"23a04-ca1e-5d679ce605e80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 6d9af1413cbd59e3-MXP
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H2 200 footer_social.jpg
www.upmedia.mg/images/ 35 KB
28 KB 10ms
10ms Image
image/jpeg 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/footer_social.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

6992d83fcac1c28fa9b9c3ec90974607559550e5f92eb6074452936f0e2686d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 May 2017 06:44:36 GMT
server: nginx
etag: "8b2a-550173454dd00-gzip"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 telegramicon.png
www.upmedia.mg/images/ 1 KB
2 KB 15ms
15ms Image
image/png 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/telegramicon.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

7a5f188495a436ba18ae9de859cb124d7de92ad63eb176884f3a1edd040e0a34

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 1309
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Mar 2020 08:08:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "506-59fdab1d1c578-gzip"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gotop.png
www.upmedia.mg/images/ 3 KB
3 KB 16ms
15ms Image
image/png 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/gotop.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

71c96af12567c3c09cbe6d4b1172b5e11ffe3c2d7a7a37aeb70ef790a66dd6db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 3140
x-xss-protection: 1; mode=block
last-modified: Sun, 28 Jul 2019 04:37:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "c15-58eb655c94880-gzip"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.119.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 33 KB
34 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.119.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5b585fa33bbf00e29420d3306dd6aa96e58a91060b9854980f9e057dbae16a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 12:15:22 GMT
x-content-type-options: nosniff
age: 242413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34128
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Feb 2023 12:15:22 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 49ms
27ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8467a8357349298073591bd163beabc28e27331b03e6dc9bf7f9d2a66757bf7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Mon, 07 Feb 2022 07:35:35 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 48ms
28ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5740661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GiNym6N%2BOCbeEE8FmhtCuViSbEYJ2MUF977%2Buo5vfYAssAyLBLPmIRW6zIZWJ7tFrCrlEvqsJZqv2BqAU4EF9v8gRusn0%2B4lFa8qQJ3e7Fasi1lYs%2BRMQ12YtBRXGp2DspOEyyRK2TGFunXBI5dHPplR"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d9af141493c0f52-MXP
expires: Sat, 28 Jan 2023 07:35:35 GMT

POST
H2 200 bottom_ad.php Show response
www.upmedia.mg/ 382 B
376 B 514ms
514ms XHR
text/html 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/bottom_ad.php

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

c0c71676fd900840c2698979462826c6b244e220f06bd8a1622cd1d23986ce3c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
content-length: 142
x-xss-protection: 1; mode=block

POST
H2 200 right_ad.php Show response
www.upmedia.mg/ 2 KB
934 B 829ms
829ms XHR
text/html 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/right_ad.php

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

a999f1fec5154e3a48310ffb125352a4a0d9d42567b071568f26ff139de5ed89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
content-length: 700
x-xss-protection: 1; mode=block

POST
H2 200 right_ad_4.php Show response
www.upmedia.mg/ 14 B
267 B 495ms
495ms XHR
text/html 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/right_ad_4.php

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

4ef78091d8ec82bc91f8d492162c93bf5e4f10918aec5a02f91d6bb510e0c875

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
content-length: 34
x-xss-protection: 1; mode=block

POST
H2 200 JQ.Articlecnt.php Show response
www.upmedia.mg/jquery/ 0
206 B 550ms
550ms XHR
text/html 192.124.249.65
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/jquery/JQ.Articlecnt.php

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.65 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10065.sucuri.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
x-sucuri-id: 15015
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 63ms
20ms XHR
text/plain 2a00:1450:400c:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80236651-1&cid=501655294.1644219336&jid=752629360&gjid=195507200&_gid=1040507976.1644219336&_u=IEBAAEAAAAAAAC~&z=1467451103

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upmedia.mg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Feb 2022 07:35:35 GMT
content-type: text/plain
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 49ms
20ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.upmedia.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 45ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.upmedia.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
11 KB 230ms
229ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2835779083117571&correlator=3610366848041844&output=ldjh&impl=fifs&eid=31061814%2C31064671%2C31064019%2C31062930&vrg=2022020101&ptt=17&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=303462569%2Cupmedia_content_336280_1%2Cupmedia_content_336280_2%2Cupmedia_content_336280_3%2Cupmedia_content_160600_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%2C336x280%7C300x250%2C336x280%7C300x250%2C160x600&cookie_enabled=1&bc=31&abxe=1&dt=1644219335952&lmt=1644219335&dlt=1644219335373&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9&adks=2258178487%2C1311054807%2C442682614%2C2586341790&ucis=1%7C2%7C3%7C4&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=501655294.1644219336&ga_sid=1644219336&ga_hid=660759529&ga_fc=true&fws=2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0&btvi=-1%7C-1%7C-1%7C-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a750ce5d847c5f88dd3c2f5484fa9bfb61c350786f1f9e38474ff0dcc77710c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10969
x-xss-protection: 0
google-lineitem-id: 4520563658,4520006797,4525795801,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138238108926,138220092568,138220667982,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 438 B
264 B 279ms
278ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2835779083117571&correlator=3610366848041844&output=ldjh&impl=fifs&eid=31061814%2C31064671%2C31064019%2C31062930&vrg=2022020101&ptt=17&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=21787810958%3A303462569%2Cupmedia.mg_article_inread&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&dt=1644219335956&lmt=1644219335&dlt=1644219335373&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=276&adys=718&adks=1980786368&ucis=5&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=501655294.1644219336&ga_sid=1644219336&ga_hid=660759529&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9989098fc1c049b13c07bad2cec13bbcd51a6b330a20aad93b21d99220366a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
10 KB 953ms
952ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2835779083117571&correlator=3610366848041844&output=ldjh&impl=fifs&eid=31061814%2C31064671%2C31064019%2C31062930&vrg=2022020101&ptt=17&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=21787810958%3A303462569%2Cupmedia.mg_article_bottom_left&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&cookie_enabled=1&bc=31&abxe=1&dt=1644219335958&lmt=1644219335&dlt=1644219335373&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=176&adys=2958&adks=2428744011&ucis=6&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&vis=1&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&ga_vid=501655294.1644219336&ga_sid=1644219336&ga_hid=660759529&ga_fc=true&fws=0&ohw=0&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

008209f62c2753c17627159e7b23947a4dc6254162b9f1165443bb62e2de1e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10215
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
10 KB 712ms
711ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2835779083117571&correlator=3610366848041844&output=ldjh&impl=fifs&eid=31061814%2C31064671%2C31064019%2C31062930&vrg=2022020101&ptt=17&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=21787810958%3A303462569%2Cupmedia.mg_article_bottom_right&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&cookie_enabled=1&bc=31&abxe=1&dt=1644219335959&lmt=1644219335&dlt=1644219335373&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=758&adys=2958&adks=3267731517&ucis=7&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&vis=1&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&ga_vid=501655294.1644219336&ga_sid=1644219336&ga_hid=660759529&ga_fc=true&fws=0&ohw=0&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

746b935a49e1d40e7ff29603f1c73404976236e3fffd86300333ad294f3206f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10170
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 499ms
499ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2835779083117571&correlator=3610366848041844&output=ldjh&impl=fifs&eid=31061814%2C31064671%2C31064019%2C31062930&vrg=2022020101&ptt=17&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=21787810958%3A303462569%2Cupmedia.mg_article_sidebar_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&dt=1644219335961&lmt=1644219335&dlt=1644219335373&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1185&adys=2465&adks=1431530962&ucis=8&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=501655294.1644219336&ga_sid=1644219336&ga_hid=660759529&ga_fc=true&fws=512&ohw=0&btvi=3&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8541db75495eae1c9fe4b084f2f561a2576779940cc4afef906cafa6e5997321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 292268
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10222
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 443284
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AF7F 6 KB
4 KB 96ms
41ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 07 Feb 2022 07:35:36 GMT
expires: Tue, 07 Feb 2023 07:35:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
415 B 15ms
14ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.upmedia.mg&callback=_gfp_s_&client=ca-pub-1320194567067211

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1320194567067211&plah=www.upmedia.mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

2db7835e3d3277f3ff45747ab2aad2a143266c5e1ae81b5338784915c57facbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C504 0
19 B 84ms
70ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1320194567067211&output=html&adk=1812271804&adf=3025194257&lmt=1644219336&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644219335653&bpp=3&bdt=280&idt=330&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5015580947375&frm=20&pv=2&ga_vid=501655294.1644219336&ga_sid=1644219336&ga_hid=660759529&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31063221%2C31064019%2C31062930&oid=2&pvsid=2835779083117571&pem=763&tmod=1252032085&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=355

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 07 Feb 2022 07:35:36 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Feb 2022 07:35:36 GMT
cache-control: private

GET
H2 200 jquery-1.11.1.min.js Show response
code.jguery.com/ 94 KB
34 KB 121ms
72ms Script
application/javascript 2606:4700:3034::ac43:baa1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jguery.com/jquery-1.11.1.min.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:baa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3307c83dc14067def96427d5947df8a6a9f4231904925c9152cf04312a1df38d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amJmechcmJhyvR5VHyyc65HTI5vec6ibu2b1RIKpcHP2Wud7zexhzE91%2FrlfjV7DmJVohZI4U2KIo7gb3D0oxZ1fkMq1slPlqrwfIByJcO%2Bo%2BzYFbaLQNeZGJvg8hw2gAuaFKXh0goei%2BFUHtWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 6d9af1429dfe83ac-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK widget_iframe.4e067713e19d4fff483536ddc4df18b9.html Show response
platform.twitter.com/widgets/ Frame 68FC 319 KB
104 KB 42ms
41ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fwww.upmedia.mg
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF0) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 206651
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Feb 2022 07:35:36 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Tue, 01 Feb 2022 20:00:09 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF0)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 7 KB
4 KB 144ms
114ms XHR
application/json 52.222.214.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=597&wid=5099&cb=8569.488846257256&pid=2250&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&isab=0
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5099.js?pid=2250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-49.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 65bcfc9ceb55065bb35662773a522fb15fc9653423574d23dfe68ea983e20b7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.upmedia.mg
access-control-allow-credentials: true
x-amz-cf-id: 3R4jStCbTRfvG9ip8AO135FX4WxFbdcp-aiL6Fy-ly7vmj0slhVD6g==
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B2BF 430 B
229 B 175ms
174ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1320194567067211&output=html&h=90&slotname=8672267488&adk=1876719416&adf=2610707424&pi=t.ma~as.8672267488&w=970&lmt=1644219336&rafmt=12&psa=0&format=970x90&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644219335656&bpp=1&bdt=283&idt=430&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5015580947375&frm=20&pv=1&ga_vid=501655294.1644219336&ga_sid=1644219336&ga_hid=660759529&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31063221%2C31064019%2C31062930&oid=2&pvsid=2835779083117571&pem=763&tmod=1252032085&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gA72WSKE5X&p=https%3A//www.upmedia.mg&dtd=436

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7defa0223f732449276a5e5dc9b8928f053c24c9edede57b6134560207ebb85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 07 Feb 2022 07:35:36 GMT
server: cafe
content-length: 206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Feb 2022 07:35:36 GMT
cache-control: private

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 30ms
11ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=125239581431127&ev=fb_page_view&dl=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&rl=&if=false&ts=1644219336098&sw=1600&sh=1200&at=

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 07 Feb 2022 07:35:36 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/0cd11746/www-widgetapi.vflset/ 146 KB
47 KB 27ms
9ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0cd11746/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101df151aa008e88d6f4e497cc3558f63d2524f788e46e3e3a109a4620aff141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 01:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22590
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48379
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Feb 2023 01:19:06 GMT

GET
H2 200 query Show response
global.cloud.netacuity.com/webservice/ 576 B
717 B 177ms
40ms XHR
application/json 108.128.127.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-551817.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.127.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-127-158.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash: 36cef33509352a3270cd0b60a57473f4599faa2361e5390210a4cf9e2554f271

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 07 Feb 2022 07:35:36 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips
content-length: 576
content-type: application/json;charset=UTF-8

GET
H2 200 uuid_iframe.html Show response
sun.advividnetwork.com/include_code/ Frame 0540 3 KB
1 KB 1116ms
1101ms Document
text/html 2606:4700:10::6816:3bf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=f1752af4-fe76-45b4-97c6-f667e0664517
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-type: text/html; charset=UTF-8
last-modified: Mon, 30 Mar 2020 04:27:06 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d9af1432cc43754-MXP
content-encoding: gzip

GET
H2 200 uuid_iframe.html Show response
sun.advividnetwork.com/include_code/ Frame DBEA 3 KB
1 KB 1114ms
1101ms Document
text/html 2606:4700:10::6816:3bf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=f1752af4-fe76-45b4-97c6-f667e0664517
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-type: text/html; charset=UTF-8
last-modified: Mon, 30 Mar 2020 04:27:06 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d9af1432cc03754-MXP
content-encoding: gzip

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 68FC 232 B
448 B 143ms
124ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=3ec2106c98534a303638642178b57b9e5d312789

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fwww.upmedia.mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 107
date: Mon, 07 Feb 2022 07:35:35 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 07:35:36 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 5732e9884bc597823812d49ab2b36ef873920e746be8c75fd315e4afb5ab7b68
content-length: 166

GET
H2 200 20180920000003.json Show response
avivid.likr.tw/settings_file_json/ 5 KB
2 KB 1133ms
1088ms XHR
application/json 2606:4700:10::6816:2a5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/settings_file_json/20180920000003.json
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2a5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fbc3565f7e014078a89d17b85e8e0aea97fe35dfae6b92984265195fa86d092

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.upmedia.mg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 07 Feb 2022 07:10:02 GMT
server: cloudflare
etag: W/"1c4b72-1569-5d7684a0eba72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 6d9af1438ba959d1-MXP
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H2 200 event_tracker.js Show response
rhea-cache.advividnetwork.com/tracker/ 10 B
135 B 36ms
36ms Script
application/javascript 2606:4700:10::6816:3bf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rhea-cache.advividnetwork.com/tracker/event_tracker.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d19f579a751135f28b74fd10b3e65d547a221d2fe7546be246d99125aea7c04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
cf-cache-status: HIT
last-modified: Wed, 05 Jan 2022 05:04:57 GMT
server: cloudflare
age: 2412
etag: "a-5d4ceb1efab96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d9af1434cfc3754-MXP
content-length: 10

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.724/ 474 KB
129 KB 90ms
17ms Script
application/javascript 2600:9000:2251:1c00:d:3c0f:bcc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.724/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5099.js?pid=2250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1c00:d:3c0f:bcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ec06962acf846468c67189c9b5cc911c6071a2a9f8f366fc2db941a65f485fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 10:28:34 GMT
content-encoding: br
last-modified: Mon, 24 Jan 2022 09:47:25 GMT
server: AmazonS3
age: 1199223
etag: W/"5d5da97d1008e2726db90de4209b609e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: fXGmtcfbSdZ1MIDtiekovCr9wGVitR9K4SsKgOR-VZhB2vkLnEEF4Q==

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 8 KB
4 KB 52ms
6ms Script
application/javascript 34.107.231.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-551817.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

9a59c5e5bf506c979d9baf8521375edc46c510007ea428f877717bdf90a81528

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 06:39:22 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sun, 11 Jul 2021 15:29:14 GMT
server: nginx
age: 3374
etag: W/"91f36cb612bb5287d05f3c7044927cbe"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3532

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 48 B
719 B 460ms
116ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=www.upmedia.mg&l1=5099&l2=upmedia.mg&l3=SE&l4=desktop&l5=5.724&cb=0.2762058862540697
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.724/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 6edd68731e514566c05a3e9332505817102a8b5db834a80176856647b4162ad9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 07:35:36 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.upmedia.mg
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 48

GET
H3 200 container.html Show response
889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B601 6 KB
3 KB 26ms
11ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Feb 2022 07:35:36 GMT
expires: Tue, 07 Feb 2023 07:35:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B601 0
0 46ms
46ms Fetch
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ca1_XyMsAYrClDoTz3wP0qobAA4bK5Z5chIHg9s4CwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTTIAQngAgCoAwGqBKoCT9Af8pBr2jgAhUdM_M84OAmO61MO4d5TbMCJg6NL2HtfWlFBSQImitdnbBeymaNfRwgLGAQeLvdtemvgpY1J9bhWnDQIdMpaCNqNjabsNFFdl6y7d0cgtd19F3o6xq9HxVfnMJp5odvAbJ9yp4WLlA9sHRXnFmn3uIWHDhso7XopbhX-db7XnA0G4HtFIgJY7pUzFmFkq21af4yakeLJiobKCTMcf_dxQSc4_CQKgdIvOoZJL_T5OouHqg2AB422DhD6LPBdx0GEgE0AzAAWv6MCRG7eFxTAvF4etu3tYI2soxPNwLiChgKZrU2vvP__KJuFKcEbDejOihTnkPU43zqwPj-1cqzEm3oxFU8af4ysxTzLHrgzWHBswOgUAP0XBO4owBSgqLcKOuAEAYAG0e7Eru7TjranAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEzMTA4NTI2MDQzMzUyNTQYrt9v&sigh=CUiAdcMTuKY&uach_m=[UACH]&cid=CAQSPwCNIrLMkL_jnvtyYYTIkB7RG8_FFIbMOcTPiBDkcLI15psz59EYcP5JLJpG0f_tR7X4_ou_Fb8pbNWoyDFY7RgB&tpd=AGWhJms3G_W14_Ujmv5SrPcemA98qiyuEMRR2W_j4CUN-vdgkLdcDEcZS6X6dQDLv6o1mNso0SVya6sCXzqG-L9GFwoYIrwY6rW8yDKhunqT7hntNgg_VfX2FruSoHnssbNkRI5QUg5ZZNklHrdC9UKzWqkeMg56_lFX97ohScWGC4XMEAwwWjK51gIdzSCyFh8JoheBSPr4eEw9kIBK3t6ruvImXDbs_xw-AnuzeKZ0eHu8lmdf3WK4FmOZkM_h59hGUZyb31kcDtG96vShiEPZZGMXdHkibNOXAiWRlOrMHgcpTZVZDE5ca2PmBbM3NVEau7-Bw9rJZaxeKFyafGvavBjn_QcaZGNvLWGLqmQ6Ro5QeV3nj6Y-OxPxo_K5Q7_pF9zIrgVdKCTH31ufNX7TtbRTa9GCaVSm1LGrh70lSnw4D8qxteZaafFUCgFm3EElVAuD-mJOt_4fXrslCSIOJQ2pVudDiZIB8q5ZcH9jicnLDPB0-TI47eW73fRopdHuqM6U_v4ouQi9qdsTRLZbhhDP_f2Q6BWeR98HVku7BvnTekiDUB444rXABgDPubzL3Q6qBVt9lbWi7WMT0Oy2lFTA85BrKyjy5XEZHlzdNzn9QDXNeAoZJKOCXK5hbpoYfOGTyzVEd9qy2dccHJDARnm-SIfmMyllPecoNRAD8uGac6vnO_HHAwCr2dIaEWrqLjbJiO_iSedd0-_mP-W3svCBjgfjIcJZOLlmnJ3C9Ifw0qrWq__jyIiECJgEKTjakNclZvgmPV0bVZ-pW74NhtLD71jf-XwJ38VZaNzmONcVt_RZLub_5gVoVU8sl_5X7_8bX3Yt3y0rTrVGTb5JRAIBDkvONnTbsN_EjKqpOiyIUyIeHmMH4SMNfmk_RUjdi-K_1UXn0i2GiRxi2bL8i6F-JVF4qXLVSVQIioT1xsrEJlG5wCbPBSbm109mOSE
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame B601 1 KB
1 KB 88ms
21ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=52254091;rtbwp=AAABftMcBuy1CrYUFLyi422dJIJT3JT1frhfog-vkzWENrH-CAQMwIDm64eoc9SnGalcrds0;rtbdata=rTOGj-Sh38K4vJPBn8E97ggkJTVBkPn82s37raAuLXZkb6Qchpu5XOdp0AloQ1cG5Q9x3KzSb3kemCGAYcN9FFxm3ZjA15VsMloOVToxm7FKguYO_tkIIZS0YyxaBZnEEypz21tp92kd-ig1KzcWoKQl7E6M3pVpJCEyIdcloX3P6klsS0APHcz56DHmTgimcij_2-5rh0OkEy2jn9vt1rBZD1ENeNK-nSdOj7kbAn6DYIc1xClCoh3-j1nvxTixlkI4H-PZoWLc0vPV_xpL5NW5XaQrErdWZPSVCRcBPzE1

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f1bfa171ebc2afeb7dfdc3740255f624e6ec93b59abef341d8bd531799672f41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 944
expires: -1

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame B601 2 KB
1 KB 37ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 07:29:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B601 123 KB
37 KB 75ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 07:35:36 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame B601 14 KB
7 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 07:34:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B601 0
0 42ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDiN8HWWVrRgcXpRjZIcqdlp_fSqB89t8vryHQ7JNtJKqdV45OKRfntsr7KcxxT4sApURoXRRQ9PWYkFPS0bhzcRRdxQ
Requested by: Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B601 22 KB
7 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Feb 2023 06:44:10 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame B601 33 KB
16 KB 76ms
19ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52254091;rtbwp=AAABftMcBuy1CrYUFLyi422dJIJT3JT1frhfog-vkzWENrH-CAQMwIDm64eoc9SnGalcrds0;rtbdata=rTOGj-Sh38K4vJPBn8E97ggkJTVBkPn82s37raAuLXZkb6Qchpu5XOdp0AloQ1cG5Q9x3KzSb3kemCGAYcN9FFxm3ZjA15VsMloOVToxm7FKguYO_tkIIZS0YyxaBZnEEypz21tp92kd-ig1KzcWoKQl7E6M3pVpJCEyIdcloX3P6klsS0APHcz56DHmTgimcij_2-5rh0OkEy2jn9vt1rBZD1ENeNK-nSdOj7kbAn6DYIc1xClCoh3-j1nvxTixlkI4H-PZoWLc0vPV_xpL5NW5XaQrErdWZPSVCRcBPzE1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3155cd449a2085846e620747cc4f30dbf639cfcf5f4211e1c7224043e8806d45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 13:59:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 08 Feb 2022 11:12:37 GMT

GET
H3 200 container.html Show response
889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9B59 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Feb 2022 07:35:36 GMT
expires: Tue, 07 Feb 2023 07:35:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame B601 5 KB
3 KB 23ms
23ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=52254091;rtbwp=AAABftMcBuy1CrYUFLyi422dJIJT3JT1frhfog-vkzWENrH-CAQMwIDm64eoc9SnGalcrds0;rtbdata=rTOGj-Sh38K4vJPBn8E97ggkJTVBkPn82s37raAuLXZkb6Qchpu5XOdp0AloQ1cG5Q9x3KzSb3kemCGAYcN9FFxm3ZjA15VsMloOVToxm7FKguYO_tkIIZS0YyxaBZnEEypz21tp92kd-ig1KzcWoKQl7E6M3pVpJCEyIdcloX3P6klsS0APHcz56DHmTgimcij_2-5rh0OkEy2jn9vt1rBZD1ENeNK-nSdOj7kbAn6DYIc1xClCoh3-j1nvxTixlkI4H-PZoWLc0vPV_xpL5NW5XaQrErdWZPSVCRcBPzE1;js=1;adfxid=1x;8238;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.upmedia.mg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a87fb04a70fe7364bfc54b0da0da83529966d989451e5a1f4e1d97473c0a0ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2358
expires: -1

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0A59 0
0 53ms
50ms Fetch
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdLhMyMsAYvXSG86AjuwP0eKs8ALovpiUXKCls8n9CMCNtwEQASAAYJWakoKgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQK_bdhkoqOEPuACAKgDAaoEqQJP0BaSVqvtI-cSWAAuuI2Roc6fzMVMPGy1A60MOJkqdUxbI-sCw1azacRWN5IauvPPhWlWz3J9lJ2d9cnrS5UioxXU6uRcSAAWUDYV4LbAh-rGaVYwqli-A-arjtvV5fvIVfmxjFIL5Pr15NqtAB7Ct0QED8Kdzqy78BAedM4gwQTKjzNCh03bdYyLYaNtQ6W6_y049f0ghtFV-NazBpYe-9kIqsHDeZyjPSztJ-UyHAr2y0m7TckcbPkvmOvFutWASNIpMa-LC3MVRMAVauiFWM0sN2omLEK1NB9M6JB7bgPkdQ2zDI_FlIp7-F1O2byD7c7HNbwBCIf39SEQZacehil6yDewh7H6KuPGAh6oXp-r6N_K9Ku49vN91JXVUOgAuoqibaqp5ergBAGABuejyt-_4rO_lAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMzEwODUyNjA0MzM1MjU0GK7fbw&sigh=PRspBD7H5tA&uach_m=[UACH]&cid=CAQSPwCNIrLMcHOJRu-DVJhYZIuRw7ySjThuqWtojHHjEIe11gKndapW89wUvJmvCNme5xL53PrbHYYOyaxB1E7xZRgB
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 0A59 2 KB
2 KB 28ms
23ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=50164610;rtbwp=YgDLyAAG6XUHg4BOAAsxURmnvrPLXr5VMfDFOA;rtbdata=jMNqeDmYZHibDnIgzt4-fgCR8_ehjEJCDzOkY1ojpmsJnpYh3G6SfQL3A9aIACnCB0Zv1VhWI64Fyzx9l78Py7_zeeSRM0Eyr5r79CfzW0h9LKiWo1PPofBj2NyBKc80QIbiHWa2Uia4ppZNcYceNlmQZ58i267krTJOVeTfSXTMhGbCB9SBDN34PbV52RPmlPnW41ZLZGHS37P1byhjWViI8lT_lFPNZJCAXRTAtge63d_lBavBR8xPOC-5skXJrqF6uSNkXwFZlbtHJmC0BQ3IekhF8Wc4KDyUr2xntfzhQW6FXjSrzw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CIQnmyMsAYvXSG86AjuwP0eKs8ALovpiUXKCls8n9CMCNtwEQASAAYJWakoKgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQK_bdhkoqOEPuACAKgDAaoErAJP0BaSVqvtI-cSWAAuuI2Roc6fzMVMPGy1A60MOJkqdUxbI-sCw1azacRWN5IauvPPhWlWz3J9lJ2d9cnrS5UioxXU6uRcSAAWUDYV4LbAh-rGaVYwqli-A-arjtvV5fvIVfmxjFIL5Pr15NqtAB7Ct0QED8Kdzqy78BAedM4gwQTKjzNCh03bdYyLYaNtQ6W6_y049f0ghtFV-NazBpYe-9kIqsHDeZyjPSztJ-UyHAr2y0m7TckcbPkvmOvFutWASNIpMa-LC3MVRMAVauiFWM0sN2omLEK1NB9M6JB7bgPkdQ2zDI_FlIp7-F1O2byD7c7HNbwBCIf39SEQZacehil6ijWRFS1ii49sozputuRqKLve_mKy2OurB2WukSKtpKa68xcQiUAdZBHgBAGABuejyt-_4rO_lAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3qvd1sVXB5a13SWqoZueAF8Ah4pQ&client=ca-pub-1310852604335254&adurl=

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ee1229a3684a04d2778613d1e3e827d6ccc9b332b2359a9b5e2372381435071d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1736
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 0A59 2 KB
1 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 07:29:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A59 123 KB
37 KB 63ms
59ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 07:35:36 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 0A59 14 KB
6 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 07:34:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0A59 0
0 39ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuFPpAQrYUQ_FprZo_wvuzxaPRvHaDADwDWwugoZIxVWNLiiaweFN5Hmvws_ILCcBBtl_cT8txH0NJ9m-BEzYpbzNjNw
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0A59 22 KB
7 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Feb 2023 06:44:10 GMT

GET
H3

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

https://securepubads.g.doubleclick.net/tag/js/gpt.js?_=1644219335853
https://securepubads.g.doubleclick.net/tag/js/gpt.js

80 KB
27 KB

68ms
67ms

Script
text/javascript

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

371ad158bdcebe56a0a9aabba13412221715717eb6fb26a13e16026e2844aaa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27226
x-xss-protection: 0
server: sffe
etag: "1124 / 536 of 1000 / last-modified: 1644015917"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Feb 2022 07:35:36 GMT

Redirect headers

date: Mon, 07 Feb 2022 07:35:36 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Mon, 07 Feb 2022 08:05:36 GMT

GET
H3

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

https://securepubads.g.doubleclick.net/tag/js/gpt.js?_=1644219335854
https://securepubads.g.doubleclick.net/tag/js/gpt.js

80 KB
27 KB

36ms
35ms

Script
text/javascript

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

a003c063a2d3c1526d14237e09e79a2b13e01d2a10d57b236a9a3f6b8d37d4f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27221
x-xss-protection: 0
server: sffe
etag: "1124 / 30 of 1000 / last-modified: 1644015869"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Feb 2022 07:35:36 GMT

Redirect headers

date: Mon, 07 Feb 2022 07:35:36 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Mon, 07 Feb 2022 08:05:36 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.upmedia.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.upmedia.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 363ms
363ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2835779083117571&correlator=3610366848041844&output=ldjh&impl=fifs&eid=31061814%2C31064671%2C31064019%2C31062930&vrg=2022020101&ptt=17&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=21787810958%3A303462569%2Cupmedia.mg_article_sidebar_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3Df4b1e5fd6938a7f7-22c5b60637cd0040%3AT%3D1644219335%3AS%3DALNI_MZg8kxV7K253lj_zG9ndWJZNx50DA&bc=31&abxe=1&dt=1644219336724&lmt=1644219336&dlt=1644219335373&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1185&adys=322&adks=647807112&ucis=9&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&vis=1&scr_x=0&scr_y=0&psz=300x886&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=501655294.1644219336&ga_sid=1644219336&ga_hid=660759529&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

90ec3ba9d138d52be29a3693995d6e2aca5e0a85d5e8fd4a46e58b62d44f3b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11601
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
12 KB 605ms
604ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2835779083117571&correlator=3610366848041844&output=ldjh&impl=fifs&eid=31061814%2C31064671%2C31064019%2C31062930&vrg=2022020101&ptt=17&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=21787810958%3A303462569%2Cupmedia.mg_article_sidebar_middle&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cookie=ID%3Df4b1e5fd6938a7f7-22c5b60637cd0040%3AT%3D1644219335%3AS%3DALNI_MZg8kxV7K253lj_zG9ndWJZNx50DA&bc=31&abxe=1&dt=1644219336726&lmt=1644219336&dlt=1644219335373&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1185&adys=590&adks=3997564383&ucis=a&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&vis=1&scr_x=0&scr_y=0&psz=300x886&msz=300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=501655294.1644219336&ga_sid=1644219336&ga_hid=660759529&ga_fc=true&fws=0&ohw=0&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

217e572ee9167a742ad31a9438ae0435df4b330767ab52553314e1b6a546d3d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12539
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame B601 0
338 B 101ms
29ms Image
text/plain 54.76.155.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=waehuk1t0&campaignid=2520049&advertiserid=DE_NIVEA_Adform_Carat&placementid=8494836&adid=50643176&creativeid=50643176&siteid=www.upmedia.mg&rnd=15349
Requested by: Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1644219336
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 pd Show response
jp-u.openx.net/w/1.0/ Frame DB05 0
177 B 32ms
16ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Requested by: Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Mon, 07 Feb 2022 07:35:36 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame B601 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01a7819541d3a41501fbdd0897420e84dbead38cb1e0f84b459414cddd97f9a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 0A59 33 KB
16 KB 29ms
29ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=50164610;rtbwp=YgDLyAAG6XUHg4BOAAsxURmnvrPLXr5VMfDFOA;rtbdata=jMNqeDmYZHibDnIgzt4-fgCR8_ehjEJCDzOkY1ojpmsJnpYh3G6SfQL3A9aIACnCB0Zv1VhWI64Fyzx9l78Py7_zeeSRM0Eyr5r79CfzW0h9LKiWo1PPofBj2NyBKc80QIbiHWa2Uia4ppZNcYceNlmQZ58i267krTJOVeTfSXTMhGbCB9SBDN34PbV52RPmlPnW41ZLZGHS37P1byhjWViI8lT_lFPNZJCAXRTAtge63d_lBavBR8xPOC-5skXJrqF6uSNkXwFZlbtHJmC0BQ3IekhF8Wc4KDyUr2xntfzhQW6FXjSrzw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CIQnmyMsAYvXSG86AjuwP0eKs8ALovpiUXKCls8n9CMCNtwEQASAAYJWakoKgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQK_bdhkoqOEPuACAKgDAaoErAJP0BaSVqvtI-cSWAAuuI2Roc6fzMVMPGy1A60MOJkqdUxbI-sCw1azacRWN5IauvPPhWlWz3J9lJ2d9cnrS5UioxXU6uRcSAAWUDYV4LbAh-rGaVYwqli-A-arjtvV5fvIVfmxjFIL5Pr15NqtAB7Ct0QED8Kdzqy78BAedM4gwQTKjzNCh03bdYyLYaNtQ6W6_y049f0ghtFV-NazBpYe-9kIqsHDeZyjPSztJ-UyHAr2y0m7TckcbPkvmOvFutWASNIpMa-LC3MVRMAVauiFWM0sN2omLEK1NB9M6JB7bgPkdQ2zDI_FlIp7-F1O2byD7c7HNbwBCIf39SEQZacehil6ijWRFS1ii49sozputuRqKLve_mKy2OurB2WukSKtpKa68xcQiUAdZBHgBAGABuejyt-_4rO_lAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3qvd1sVXB5a13SWqoZueAF8Ah4pQ&client=ca-pub-1310852604335254&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3155cd449a2085846e620747cc4f30dbf639cfcf5f4211e1c7224043e8806d45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 13:59:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 08 Feb 2022 11:12:37 GMT

GET
H2 200 adsbytenmax.js Show response
tenmax-static.cacafly.net/ssp/ 124 KB
37 KB 92ms
34ms Script
application/javascript 2606:4700:10::6816:8ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Requested by: Host: api.pvmax.net
URL: https://api.pvmax.net/v1.0/pvmax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc05e9f04683682906d0ad443881bd19fce83e240bbaeeb6ec814ce757204ee4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: U63yZkrSK7TVVVQvpY1AAQ==
age: 5800
x-ms-lease-status: unlocked
last-modified: Thu, 18 Nov 2021 05:59:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: aa19dd91-401e-0069-22eb-e7bd5b000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 6d9af1475e3059dd-MXP

GET
H2 200 universal.js Show response
tenmax-static.cacafly.net/ssp/ 124 KB
37 KB 87ms
30ms Script
application/javascript 2606:4700:10::6816:8ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenmax-static.cacafly.net/ssp/universal.js
Requested by: Host: api.pvmax.net
URL: https://api.pvmax.net/v1.0/pvmax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e14a47af6697d522e9da6e3a944ae8503d38e81abdaf2c0e245aa4f54934aaaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: LnF7Tq18cPiljgzcn1Jiiw==
age: 867
x-ms-lease-status: unlocked
last-modified: Thu, 18 Nov 2021 05:59:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: fbd86398-701e-0061-7544-dca628000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 6d9af1475e3359dd-MXP

GET
H2 200 popup-en.html Show response
api.pvmax.net/popup/ Frame 07E7 3 KB
1 KB 327ms
327ms Document
text/html 2606:4700:10::6816:4a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pvmax.net/popup/popup-en.html?cacheBuster=1644219336792
Requested by: Host: api.pvmax.net
URL: https://api.pvmax.net/v1.0/pvmax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0125bea16a83a08016d5d52d6d30a8ba9f334d507f4977b36c981ece39e53d0f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-type: text/html
x-guploader-uploadid: ADPycduUnt1fxgYtaAEn5am7-vTtNgXr3BXnud7PYnuJs59UNOdZjxsYZOQn1Y6YNn72LQ3nLjxyKu4crxQ27P8CUKU
expires: Mon, 07 Feb 2022 08:35:36 GMT
cache-control: public, max-age=3600
last-modified: Wed, 02 Dec 2020 06:36:33 GMT
x-goog-generation: 1606890993083577
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2653
x-goog-meta-goog-reserved-file-mtime: 1606890975
x-goog-hash: crc32c=sNaNFQ== md5=cipCXCw1QZQbfiZX3AAlqw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d9af1470ec43752-MXP
content-encoding: gzip

GET
H2 200 logo-mini.png
api.pvmax.net/logo/ 483 B
816 B 23ms
23ms Image
image/png 2606:4700:10::6816:4a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.pvmax.net/logo/logo-mini.png
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519eb98dcb4e16d19e91185a49cffd292b3cb5506cdbff0448583ba639b836a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1606890975
age: 777
x-guploader-uploadid: ADPycduaX61HR6uXxfPoaqavCALJjFR8L5opu7Y75Z4_z_JRGMUmPigNUbm7oSE9k7fB5R_xWFsv7rf-2LgyyaCRRqY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 483
last-modified: Wed, 02 Dec 2020 06:36:32 GMT
server: cloudflare
etag: "aa295a2ab3fb2de7725df4c6f7553147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=FHDE/Q==, md5=qilaKrP7LedyXfTG91UxRw==
x-goog-generation: 1606890992646570
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 483
accept-ranges: bytes
cf-ray: 6d9af1471eee3752-MXP
expires: Mon, 07 Feb 2022 08:22:38 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame B601 85 KB
37 KB 32ms
31ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0808dc2d2a687e420d40b158c5f88ff5241c36d014c36ee586744cfb9c5ed47e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 13:59:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 08 Feb 2022 11:13:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 0A59 7 KB
4 KB 23ms
23ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=50164610;rtbwp=YgDLyAAG6XUHg4BOAAsxURmnvrPLXr5VMfDFOA;rtbdata=jMNqeDmYZHibDnIgzt4-fgCR8_ehjEJCDzOkY1ojpmsJnpYh3G6SfQL3A9aIACnCB0Zv1VhWI64Fyzx9l78Py7_zeeSRM0Eyr5r79CfzW0h9LKiWo1PPofBj2NyBKc80QIbiHWa2Uia4ppZNcYceNlmQZ58i267krTJOVeTfSXTMhGbCB9SBDN34PbV52RPmlPnW41ZLZGHS37P1byhjWViI8lT_lFPNZJCAXRTAtge63d_lBavBR8xPOC-5skXJrqF6uSNkXwFZlbtHJmC0BQ3IekhF8Wc4KDyUr2xntfzhQW6FXjSrzw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CIQnmyMsAYvXSG86AjuwP0eKs8ALovpiUXKCls8n9CMCNtwEQASAAYJWakoKgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQK_bdhkoqOEPuACAKgDAaoErAJP0BaSVqvtI-cSWAAuuI2Roc6fzMVMPGy1A60MOJkqdUxbI-sCw1azacRWN5IauvPPhWlWz3J9lJ2d9cnrS5UioxXU6uRcSAAWUDYV4LbAh-rGaVYwqli-A-arjtvV5fvIVfmxjFIL5Pr15NqtAB7Ct0QED8Kdzqy78BAedM4gwQTKjzNCh03bdYyLYaNtQ6W6_y049f0ghtFV-NazBpYe-9kIqsHDeZyjPSztJ-UyHAr2y0m7TckcbPkvmOvFutWASNIpMa-LC3MVRMAVauiFWM0sN2omLEK1NB9M6JB7bgPkdQ2zDI_FlIp7-F1O2byD7c7HNbwBCIf39SEQZacehil6ijWRFS1ii49sozputuRqKLve_mKy2OurB2WukSKtpKa68xcQiUAdZBHgBAGABuejyt-_4rO_lAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3qvd1sVXB5a13SWqoZueAF8Ah4pQ&client=ca-pub-1310852604335254&adurl=;js=1;adfxid=2x;2108;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.upmedia.mg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

bf16629dd98e4bb51ebb72d91e9c3acfa8265ade602eabee8282e8f38accc02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3239
expires: -1

GET
DATA 200
OK truncated
/ 368 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43b8924e1838709ed3c11df6d5de135cf72acbc72d0628f5299964dd3ba24aab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 376 KB
125 KB 91ms
66ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.724/ins.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127061
x-xss-protection: 0
expires: Mon, 07 Feb 2022 07:35:36 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
51 B 352ms
114ms Image
text/plain 54.174.237.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=3WvWP13MTT4YDKLlGFOevsgCc6vABAY1gey/bmACg/mp0XeKwRA+eHSGBrM3J5HNylHtcEtYvRrU9qed2m42JKqtgdEpu8Z+LMazVp/5fBffUMJsq7DoDj3fBnbxUVi8ltPF1A7sl7ohH8aQfpIXNYxJa7RrFF+VdgO6opnXapVUUXttYkie9gs0vaxy2uG3iwYJH2bbnT8jKJ9hPOe8MWmwZnyrhzKDoH+nJKzbygeIyQIM1SC59rZ+6LbkVt9+
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.237.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-237-181.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
server: nginx/1.6.2

GET
H2 200 7d58df7b3176237d00370d6ace839164e243aece_2.jpg
vid597.trvdp.com/images/ 62 KB
62 KB 63ms
12ms Image
image/jpeg 2600:9000:2251:6600:c:41fa:6240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid597.trvdp.com/images/7d58df7b3176237d00370d6ace839164e243aece_2.jpg?Expires=1644304852&Signature=OdrTiqgFScxtN1-zFKzuk7f92hDSw-Ui8VeO7Pokfa-UMQIds~PylU2fENVK2uniA7kSdGAcCLiztV~Qsi~QcwfGQfZRu0PZQyta9~nuZE1-TCZh~1avM~LU-jzJlOOvlq9K3mfE8noH9Gkv3z3U-5qLwGjJYfcoQtHkiPjiJkynwsMavxBJNkjr4lHKqCVN5i4Z8gMowBHomSsuoyN9mK4JkPAnqDhfv-yJlYcyHCysltwsCTINeET2x6Bu~VuGuI~~212hjmxhSFaLzc6MAuhEBDZmofbYJOZo4~HlrEcf3c0vLT4El8U8n2qozKcc4vD3n1ZZE-0FlA6BDGSbPA__&Key-Pair-Id=APKAJQPXW35KA6HJKSMQ
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:6600:c:41fa:6240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d318018d6f6a7de9cc5e37af102ca016cc1ef619c093d3447f6735e674caba35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 02:17:19 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
last-modified: Mon, 07 Feb 2022 02:02:54 GMT
server: AmazonS3
age: 19098
etag: "44380c2a6f1f858178bfc5ac032476af"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 63105
x-amz-cf-id: Kux-daWniZnW-HoUi8WGi9asrYJd_VgsfwTJUrdh6Y0erxT7pg5lrQ==

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 62 KB
62 KB 27ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c10d2ca03db89e32aea5a917dd71ae0b1e5acfddccf80494a33df642e954d458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 07:47:35 GMT
x-content-type-options: nosniff
age: 431281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63496
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:24:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 07:47:35 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.119.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 34 KB
34 KB 22ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.119.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6785473e049e821b09e334869ce33fab0034b510485238f097fcdbe66acef187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 09:42:08 GMT
x-content-type-options: nosniff
age: 424408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34776
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:24:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 09:42:08 GMT

GET
DATA 200
OK truncated
/ Frame 0A59 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16eeb4e3f9643a223810ecc0a37e99dce1b1d47f54274aa9c04a2e55f167c0c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.118.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 61 KB
61 KB 40ms
31ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.118.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1ed332112466dd48d0ce36435c780728b5a2663ec3a27203b410b9c1b4e820a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 19:31:28 GMT
x-content-type-options: nosniff
age: 475448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62148
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 19:31:28 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.117.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 66 KB
66 KB 23ms
15ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.117.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6c2b7bab05f229d52688154dfee125ec9dbb30500c940e028eea8796d4d0124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 07:47:35 GMT
x-content-type-options: nosniff
age: 431281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67360
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 07:47:35 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.116.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 71 KB
71 KB 26ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.116.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f0ab9cd528d7c7472d26a2f9f73cbe20cea0a5a9b8ad30b38a3bc878ea43e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 23:47:07 GMT
x-content-type-options: nosniff
age: 460109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72632
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 23:47:07 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.117.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 67 KB
68 KB 33ms
29ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.117.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3e0fc205ad46e9fa2364a2b71a69279d819abe128a489987e3aeb458612e441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 11:00:38 GMT
x-content-type-options: nosniff
age: 246898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69092
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:24:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Feb 2023 11:00:38 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.116.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 74 KB
74 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.116.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b653f2d721b7be044661fd5a3bd2e3bbe9b82498dba0ad46ecadc25c31601e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 23:02:20 GMT
x-content-type-options: nosniff
age: 376396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75384
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:24:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 23:02:20 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.115.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 75 KB
75 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.115.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abfca4e99921285b4c8f134ad1796acc42945a3c71fa1adc8467c0aed83dfe46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 04:01:11 GMT
x-content-type-options: nosniff
age: 444865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76908
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:24:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 04:01:11 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 74 KB
74 KB 31ms
31ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f092d56d7cf0d6afcd9e76c8538638f13ca61e1a96508f279abceded94d84246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 07:47:35 GMT
x-content-type-options: nosniff
age: 431281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75716
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 07:47:35 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 77 KB
78 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93afb81d346b0114e1ea6edf6e4c9789481cea971f9b3a06cf7b7eb488ba05e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 08:42:19 GMT
x-content-type-options: nosniff
age: 82397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79352
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 06 Feb 2023 08:42:19 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.110.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 79 KB
79 KB 51ms
50ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.110.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b02fa45218625795d89950fd645838c8c4d7f6cb7f893fef9a8e191bfb204af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 23:47:07 GMT
x-content-type-options: nosniff
age: 460109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81028
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 23:47:07 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.108.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 71 KB
71 KB 52ms
52ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.108.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

311cf3a7782168ebcc0f85de83dc1474072fba0e835e3a5a565c5061c4d7a4a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 11:10:48 GMT
x-content-type-options: nosniff
age: 246288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73168
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Feb 2023 11:10:48 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.104.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 66 KB
66 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.104.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc0d73c41dbec615509751bcd61f60533890e105f419fc50e1143f9395ae5227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 13:17:33 GMT
x-content-type-options: nosniff
age: 238683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67988
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:22:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Feb 2023 13:17:33 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.115.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 73 KB
73 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.115.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20d1b3e68226539ee1befa4e362c8be95c062686cc9556d422135c9df7cabcb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 23:47:07 GMT
x-content-type-options: nosniff
age: 460109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75140
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 23:47:07 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.114.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 72 KB
72 KB 59ms
58ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.114.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a6c2ee6907e4997f221a2a46bf8faee0eacec736d54a6973a311876db5f3aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 07:47:36 GMT
x-content-type-options: nosniff
age: 431280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73916
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 07:47:36 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.113.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 75 KB
75 KB 60ms
59ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.113.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39785e11f5691152f2df6618fd7ec32f634ae712fd72cbdd9e5e5e951b45c5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 07:47:36 GMT
x-content-type-options: nosniff
age: 431280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76348
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 07:47:36 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.112.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 75 KB
75 KB 80ms
77ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.112.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f391358d52bc90c43a751754cd67a3ef99319b67a9bc4153c248df8830f5e466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 13:55:33 GMT
x-content-type-options: nosniff
age: 409203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76732
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 13:55:33 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.110.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 76 KB
76 KB 87ms
84ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.110.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbb5a700094409ba321ed63b2d293f1acb6934c15c4999fe206ba553a1ceda12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 19:31:28 GMT
x-content-type-options: nosniff
age: 475448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78280
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 19:31:28 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.109.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 74 KB
74 KB 82ms
79ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.109.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a59fc0dd7badbd25ef4d8d9d8ddc9c91e456c9cd5863ff30fdade102b62f869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:41:00 GMT
x-content-type-options: nosniff
age: 496476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75404
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 13:41:00 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.108.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 70 KB
70 KB 91ms
90ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.108.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aefc8e50742cf3f1a28c9eef6522e3d3b1e573af55a387b23015ed965df8d948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 23:47:07 GMT
x-content-type-options: nosniff
age: 460109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71220
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 23:47:07 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.105.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 65 KB
65 KB 105ms
105ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.105.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a1be9981c0d8e130ef5bc7fecac75fb26a7428b9e91a8faedda343db76f2a6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 19:31:29 GMT
x-content-type-options: nosniff
age: 475447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66364
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 19:31:29 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.104.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 65 KB
65 KB 111ms
111ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.104.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9628a65b1c9f6d580d18b1025e5224cfe10f21c66b73ca8763ba674ab7be814c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 23:09:48 GMT
x-content-type-options: nosniff
age: 375948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66240
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:22:08 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 23:09:48 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.113.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 76 KB
76 KB 114ms
113ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.113.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70ba07fd6d1fc71cc98aae93fa37effb594720b42297251546fa2e99c6be1b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 04:21:13 GMT
x-content-type-options: nosniff
age: 443663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77692
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 04:21:13 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.109.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 75 KB
75 KB 121ms
120ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.109.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b32f5820acbfadd372e59d7a06cd93b7d2f080aa6008d1430fe51bb6203d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 11:00:39 GMT
x-content-type-options: nosniff
age: 246897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77144
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Feb 2023 11:00:39 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.107.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 74 KB
74 KB 126ms
125ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.107.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46b398a342a9e3ecad72ae77c744cf397f67614ca4a6f5339fea677c3243df02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 11:17:08 GMT
x-content-type-options: nosniff
age: 245908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75712
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Feb 2023 11:17:08 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.102.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 65 KB
65 KB 122ms
121ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.102.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587d78ee993140dcfa279510b69b9c1a840e43d0da96f51fbbd32ae711cad262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 08:42:19 GMT
x-content-type-options: nosniff
age: 82397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66248
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:22:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 06 Feb 2023 08:42:19 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.100.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 64 KB
64 KB 129ms
128ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.100.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c54e111bed9a6b263d07353f9ebf6a36df763e9d450fed644e185a52d15e6664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:16:22 GMT
x-content-type-options: nosniff
age: 235154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65384
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:22:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Feb 2023 14:16:22 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.107.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 72 KB
72 KB 137ms
136ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.107.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42a7a8707a6917c666777176ba2c4a9ca6d88ff10e9cf6ddf4932ff05261f067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 23:02:20 GMT
x-content-type-options: nosniff
age: 376396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73448
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:47 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 23:02:20 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.89.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 10 KB
10 KB 143ms
142ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.89.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e641c19e2deab3ff8d58f8c7830b38c22278aef37fdf0cd44006789be1818c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 23:02:20 GMT
x-content-type-options: nosniff
age: 376396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10700
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 23:02:20 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.101.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 60 KB
60 KB 146ms
146ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.101.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83f7ae3b6cc221f09245207c1a643d267580bf13331fd9f8173539ece95522e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 00:40:16 GMT
x-content-type-options: nosniff
age: 370520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61128
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:22:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 03 Feb 2023 00:40:16 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.100.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 63 KB
63 KB 148ms
148ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.100.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e36c717f592ad349b99b164864ebc584f11f5a6f760c19b88184c34cdee12dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 13:55:46 GMT
x-content-type-options: nosniff
age: 409190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64180
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 13:55:46 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.111.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 73 KB
73 KB 151ms
151ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.111.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab40bc14232d4b94dc250241de7f3df1e175cd9fbf76d43b75f08fbe158bf83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 13:55:33 GMT
x-content-type-options: nosniff
age: 409203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74980
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 13:55:33 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.57.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 47 KB
47 KB 154ms
153ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.57.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41c5eea1f77978efdb0084dfb91c4ace1bc8fc67a5ffaafb99a77fadca7d84ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 07:46:11 GMT
x-content-type-options: nosniff
age: 344965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47788
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:20:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 03 Feb 2023 07:46:11 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.102.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 63 KB
63 KB 155ms
154ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.102.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fdaec32d631dd64fcaf6da94fa565b49ca2861dfa33280045d9ed3547bc336b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 04:21:27 GMT
x-content-type-options: nosniff
age: 443649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64644
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 04:21:27 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.103.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 68 KB
68 KB 156ms
155ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.103.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ea2cef2fd04e1bbc69ebc2dd378d00da564ae8517a7c14869cc7abd534c5714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 07:47:36 GMT
x-content-type-options: nosniff
age: 431280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70004
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:22:08 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 07:47:36 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.36.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 42 KB
42 KB 154ms
154ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.36.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c287fda21fe692127e9bcbf16dd92dd62edcbe10a0e2b52957a258ddabcc37d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 21:23:23 GMT
x-content-type-options: nosniff
age: 295933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42792
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:24:47 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 03 Feb 2023 21:23:23 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.106.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 72 KB
72 KB 155ms
155ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.106.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4002c8bd93674c5c6880070a5b8a6f6a2bcc21b2101ccee15ebb972b572ea6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 23:47:07 GMT
x-content-type-options: nosniff
age: 460109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73276
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 23:47:07 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.32.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 51 KB
51 KB 157ms
156ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.32.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88ad7b3ce8deb6a240b1fb08e6d495bed0c6211a84ccb396fb9918bf2a791d7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 23:23:44 GMT
x-content-type-options: nosniff
age: 461512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51884
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:24:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 23:23:44 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame B601 35 B
494 B 31ms
30ms Ping
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=52254091&csi=OyisNYuCmh5dI6eS8-IJH0CSDa-Ryt1N5wgtAA58yd3ZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:36 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 50643176.gif
s1.adform.net/Banners/50643176/ Frame B601 87 KB
87 KB 34ms
34ms Image
image/gif 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/50643176/50643176.gif?bv=2

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a1e0b560582212b6d76aea660a09ce3bf9782df4d62a265d73e87cf1075d4d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
last-modified: Wed, 29 Dec 2021 09:26:58 GMT
server: nginx
etag: "61cc29e2-15bef"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 89071

GET
H3 200 container.html Show response
889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6085 6 KB
3 KB 17ms
16ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Feb 2022 07:35:36 GMT
expires: Tue, 07 Feb 2023 07:35:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 0A59 85 KB
37 KB 47ms
46ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e7aca552b0dfb702f610cfeb2c59025a6d1baa886dc228721a102808ddb54e5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:36 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 13:59:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 08 Feb 2022 11:14:10 GMT

GET
H/1.1

204

cm
dmp.tenmax.io/
Redirect Chain

https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=776964120
https://dmp.tenmax.io/cmp
https://cm.g.doubleclick.net/pixel?google_nid=cacafly&google_ula=514624859,1644219338&google_hm=aW1jaVlJZm9FZXlGMHpNQ2U3ak1GUT09&google_cm
https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESELahnQdkeYHH1Bw0bNRazik&google_cver=1&google_ula=514624859,0

0
421 B

163ms
163ms

Image
text/plain

13.76.34.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESELahnQdkeYHH1Bw0bNRazik&google_cver=1&google_ula=514624859,0

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

HTTP/1.1

Server

13.76.34.51 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 07:35:38 GMT
Server: nginx
Connection: keep-alive
Strict-Transport-Security: max-age=31536000

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESELahnQdkeYHH1Bw0bNRazik&google_cver=1&google_ula=514624859,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK grouped-plan Show response
ssp.tenmax.io/supply/v3/native/ 2 KB
3 KB 2142ms
327ms XHR
application/json 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.tenmax.io/supply/v3/native/grouped-plan?rmaxSpaceIds=a944c006368241de%2Ca944c006368241de%2Ca944c006368241de%2C5fa8b4358fde4db0&referer=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&cacheBuster=77d100a5-e620-427b-b745-ffba58dd527b
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.hinet-ip.hinet.net
Software: nginx /
Resource Hash: cb6c780528ee77d8207d086ddfea7d4158f2e024584dd31832801328b3ae0707

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 07:35:39 GMT
Server: nginx
Vary: Origin
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://www.upmedia.mg
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2210
X-Application-Context: application:prod,aggregator,build-ext:58070

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 423F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

281 B
554 B

70ms
25ms

Document
text/html

104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.724/ins.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 07 Feb 2022 07:35:37 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
date: Mon, 07 Feb 2022 07:35:37 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2

200

sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc&_origin=0&gdpr=0&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/57304/sync?uid=CAESEIwFr6hDVrF-WchmyEOCVag&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1
https://pixel.advertising.com/ups/57304/sync?uid=CAESEIwFr6hDVrF-WchmyEOCVag&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIwFr6hDVrF-WchmyEOCVag&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&apid=UP8ad61196-87e8-11ec-b702-02a0f9231304
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIwFr6hDVrF-WchmyEOCVag&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&apid=UP8ad61196-87e8-11ec-b702-02a0f9231304&verify=true

0
0

17ms
17ms

Image
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIwFr6hDVrF-WchmyEOCVag&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&apid=UP8ad61196-87e8-11ec-b702-02a0f9231304&verify=true
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Server: 3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIwFr6hDVrF-WchmyEOCVag&_origin=0&gdpr=0&gdpr_consent=&nsync=1&google_cver=1&apid=UP8ad61196-87e8-11ec-b702-02a0f9231304&verify=true
date: Mon, 07 Feb 2022 07:35:37 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bridge3.496.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 39F8 601 KB
195 KB 35ms
15ms Document
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199641
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Feb 2022 09:23:35 GMT
expires: Mon, 06 Feb 2023 09:23:35 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 28 Jan 2022 21:03:56 GMT
content-type: text/html
age: 79922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 70ms
35ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 07 Feb 2022 07:35:37 GMT

GET
H2 200 v.php Show response
stg.truvidplayer.com/v5.724/ 52 KB
5 KB 147ms
116ms XHR
text/xml 52.222.214.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/v5.724/v.php?st=VkjIprDmHtCsHwwVDDif1w&e=1644305736&ver=5.724&adid=42e0b&videoUrl=//vid597.trvdp.com/media/7d58df7b3176237d00370d6ace839164e243aece/hls/7d58df7b3176237d00370d6ace839164e243aece.m3u8&height=550&width=978&pageHref=https%253A%252F%252Fwww.upmedia.mg%252Fnews_info.php%253FSerialNo%253D61811%2526Type%253D12&videoId=7d58df7b3176237d00370d6ace839164e243aece&d=upmedia.mg&wid=5099&suid=597&env_browser=Chrome%2097.0.4692&imaCount=1
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.724/ins.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-49.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 40f47febdff0bfb793258ef69cb4cb5f53d9d4a3c5e3cba05fec39c413fc7ab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://www.upmedia.mg
access-control-allow-credentials: true
x-amz-cf-id: LrceCfl_qlLO4CYSy47tRaViA6a0a3UvwbOh554DekA9hHzA9CXc0w==
via: 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 109ms
109ms Image
text/plain 54.174.237.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=FOnXzSIhk+CyxMyZgEBVCcgCc6vABAY1gey/bmACg/mp0XeKwRA+eHSGBrM3J5HNylHtcEtYvRrU9qed2m42JKqtgdEpu8Z+LMazVp/5fBdy9dNLEaB+fI2retSWnkRCoC8jszmxVxc5IJerYFusjvKrC6eqX+aIcW/m3yqmEF6wshUgUq0F6gqMsv8HPGaH7o9G7mbmh3j8iJtpD1HmRTsOTbhAyWH+y1JNyy/vllPQZL3U6gdLSpZdwWJgTNvw&cb=33946509
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.237.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-237-181.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
server: nginx/1.6.2

GET
H3 200 container.html Show response
889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 25EF 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Feb 2022 07:35:36 GMT
expires: Tue, 07 Feb 2023 07:35:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7830 0
0 53ms
53ms Fetch
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CA_QFyMsAYpTEKLeHjuwPx4Kw0AzP2bWTXMz677m0CcCNtwEQASAAYJWakoKgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQK_bdhkoqOEPuACAKgDAaoEqAJP0BWINw9qni3xXoA6lQFXXwcrXEnYiKEeBJMg9SWJOhYSEQGXUaLxqcfXJuvmTec4NBgbQcjDZI7D8SwqWhWPGGL0VXQV_Xv0QuqD25l5GpkaGM7DJ836jpJHnhYFGG8wh79x0YCP2TB8oqRmlx0zZaw6XQfOZ_W9TIlj0zMJF9ew6-BoRFReJoqKsQrziTQgJMdj3l0-lSXU0gJ51gRVImMsDkl7E-qwQbl0EKH5ffhmAcgQJ1RX_LNgaE-gDD0cjQursxBfW3Foc9sm2BDf-8GVgvAAcnNtGC7iFsZdu0cbZIDyQ8MjcrJDNSCavyHyt5_piypgryFpHnyN6RwZaMSBAk06tthZ9G0YWH2I_1jg3q9IFXHhTY8tSZgnMm2ujne9I8OPuOAEAYAGldXKneS_l6vmAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEzMTA4NTI2MDQzMzUyNTQYrt9v&sigh=M_2vASgw0zM&uach_m=[UACH]&cid=CAQSPgCNIrLMe88ci-i0GZmgGWsDqdfgaI3fmb75BWJtCicrc4QWTbywiY7S1S4dBmYY4I4CmuKgo8ss4QEFHi9xGAE
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 7830 2 KB
2 KB 28ms
24ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=52254093;rtbwp=YgDLyAAKIhQHg4O3AAwBR3NFLrPcGKCKUsWjww;rtbdata=jMNqeDmYZHibDnIgzt4-fl-bd0MqYDIim-I0drwFCDuaWE0NIwVUKQL3A9aIACnCB0Zv1VhWI64Fyzx9l78Py7_zeeSRM0Eyr5r79CfzW0iag0nNn_TStEye2KeopdR4MFDp5O7uaj_yymh-VrdgmZs5XDL9fi68SYRKiXCTSZl3tbO4rkqAG4cYzl9qtvWOdgsN_AQemAdl8hdnRbMkxKVALddH3N8jgfj35guPjuorwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42owCFlfrQY9LtRr6e8m9Qr7QnUWk5VKigEzhQW6FXjSrzw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CWayyyMsAYpTEKLeHjuwPx4Kw0AzP2bWTXMz677m0CcCNtwEQASAAYJWakoKgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQK_bdhkoqOEPuACAKgDAaoEqwJP0BWINw9qni3xXoA6lQFXXwcrXEnYiKEeBJMg9SWJOhYSEQGXUaLxqcfXJuvmTec4NBgbQcjDZI7D8SwqWhWPGGL0VXQV_Xv0QuqD25l5GpkaGM7DJ836jpJHnhYFGG8wh79x0YCP2TB8oqRmlx0zZaw6XQfOZ_W9TIlj0zMJF9ew6-BoRFReJoqKsQrziTQgJMdj3l0-lSXU0gJ51gRVImMsDkl7E-qwQbl0EKH5ffhmAcgQJ1RX_LNgaE-gDD0cjQursxBfW3Foc9sm2BDf-8GVgvAAcnNtGC7iFsZdu0cbZIDyQ8MjcrJDNSCavyHyt5_piypgryFpHnyN6RwZaMTDAGyoPjSSjLPTU75gq5wgurtC3HvPVXb7uczj-MCwom836hD3ZqUTCuAEAYAGldXKneS_l6vmAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_0X_0nIMHAukiBSyV15h-hS0RjtWA&client=ca-pub-1310852604335254&adurl=

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6318550f5912b8080b39aee5a2ecb0981b2a71316e89ad74c283bf1797e7bdfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1821
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 7830 2 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 07:29:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7830 123 KB
37 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 07:35:37 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 7830 14 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 07:34:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7830 0
0 24ms
23ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5Ve6NSbcAuQclryxDBtUWLHkxl9lDPGSr02yDFgC45rd765EQ8hT_A40JJo8W9cSvreb7biTXg6cp5jgw09POH49zMA
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7830 22 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Feb 2023 06:44:10 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 0A59 35 B
503 B 22ms
22ms Ping
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=50164610&csi=tRxoADIyHkzO_SA-1BsiUBjMpENcvuCNQ5ROf3GtGfzrygPkIxxfk14Fl4XExVRWHhoWzRNX-4cXmP6Qcs9OU2QBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:37 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 48811273.png
s1.adform.net/Banners/48811273/ Frame 0A59 39 KB
39 KB 24ms
24ms Image
image/png 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/48811273/48811273.png?bv=2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

70f9df229f790b8ed4fe768fb42e0c77a3e90526d8253a7ad15d977a551bce22

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
last-modified: Wed, 13 Oct 2021 08:03:59 GMT
server: nginx
etag: "616692ef-9cbb"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 40123

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5482 37 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 06:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 07 Feb 2022 07:41:31 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 99ms
98ms Image
text/plain 54.174.237.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=otfMbHyCEyYHdI4uOWB/zxhbucxoQn6+m8LJBgAVn2a+l+sSR8X3jDfYy9IIWZuRZm6jWdwQzRwIPDrhStJtuKkr4iLXzlxVRWDDwWLuQTl816n9ADVEmiMcWGGK9p8AUJFX21W5BeW94sRqVNO764Q+0O32xHszh89jMo3nJqxQKO0UC+UgK05Iq/1QDrlZ/L+otpJQt2Fp8LQ3a7XMWCvMUShA6CycVhmJztD7It98O1X+ZrvGZdnaYXEz966799JyL8jZ5wOx9xThYq56Jhdx2TrLQ3zb9R0KM0GHl8X/Wvg+Mhx7qFNFv40SZaPtjtp0Q1/zQDl+a9hnKox+v5obJwgM6lTgkc9KD3lWenk=&cb=99292366
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.237.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-237-181.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.upmedia.mg

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.upmedia.mg

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 98ms
98ms Image
text/plain 54.174.237.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=J1l5m7P1HA0YYnjkZ+4POhhbucxoQn6+m8LJBgAVn2a+l+sSR8X3jDfYy9IIWZuRZm6jWdwQzRwIPDrhStJtuKkr4iLXzlxVRWDDwWLuQTl816n9ADVEmiMcWGGK9p8AUJFX21W5BeW94sRqVNO764Q+0O32xHszh89jMo3nJqxQKO0UC+UgK05Iq/1QDrlZ/L+otpJQt2Fp8LQ3a7XMWCvMUShA6CycVhmJztD7It98O1X+ZrvGZdnaYXEz9667v0uPNXfbX+N9CbsjJMvg89sKyxMcBAwV/1VP+m9mVD7/Wvg+Mhx7qFNFv40SZaPtjtp0Q1/zQDl+a9hnKox+v5obJwgM6lTgkc9KD3lWenk=&cb=36902206
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.237.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-237-181.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
server: nginx/1.6.2

GET
H2 200 killswitch_config.js Show response
avividone.likr.tw/killswitch/ 282 B
274 B 53ms
42ms Script
application/javascript 2606:4700:10::6816:2a5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avividone.likr.tw/killswitch/killswitch_config.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2a5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 985ecf47e94361c366e2521124bf5c5ac81b8016252ef1813b8dce0e91639027

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 02:09:40 GMT
server: cloudflare
age: 1150
etag: "11a-5d672b1bca815-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 6d9af14b0a5959e3-MXP
content-length: 143

GET
H2 200 aws-sdk-AviviD-min-1.000.3.js Show response
avivid.likr.tw/sample/ 274 KB
78 KB 26ms
25ms Script
text/javascript 2606:4700:10::6816:2a5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/sample/aws-sdk-AviviD-min-1.000.3.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2a5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d80f6ec3a78924d5f5276bd680cbfb9dd37879691c648dc14755cb3d9c5bf3b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1395
last-modified: Thu, 08 Oct 2020 10:46:57 GMT
server: cloudflare
etag: W/"1328d7-44813-5b1268d1b71da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 6d9af14afa2a59e3-MXP
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H3 200 container.html Show response
889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1236 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Feb 2022 07:35:36 GMT
expires: Tue, 07 Feb 2023 07:35:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 logo.png
api.pvmax.net/logo/ Frame 07E7 2 KB
2 KB 25ms
24ms Image
image/png 2606:4700:10::6816:4a44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.pvmax.net/logo/logo.png
Requested by: Host: api.pvmax.net
URL: https://api.pvmax.net/popup/popup-en.html?cacheBuster=1644219336792
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0339e334c077ff7d80ddbcb9b2a170b6b53928c63e4ce0c1c904f60c514c33c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://api.pvmax.net/popup/popup-en.html?cacheBuster=1644219336792
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1606890975
age: 777
x-guploader-uploadid: ADPycdtbcBS7TMaMmibinlSzfKSa3gAOuhgrTVi1GelpFfdh68FSrarG5v4Vxjs9KNpDvd47LBMrB4KMgU45tN_GzTn9BjLIaw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1997
last-modified: Wed, 02 Dec 2020 06:36:33 GMT
server: cloudflare
etag: "3e51dc1449f6c7c2d44476ec698a101a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=BeP4RA==, md5=PlHcFEn2x8LURHbsaYoQGg==
x-goog-generation: 1606890993046577
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1997
accept-ranges: bytes
cf-ray: 6d9af14b2dda3752-MXP
expires: Mon, 07 Feb 2022 08:22:40 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.6.8/ 21 KB
7 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.6.8/firebase-app.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1977ae2b50845838a0f0848012e1d2bb312a7a760bc7427c601305531de0d2d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 01:33:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6966
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 23:11:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 01:33:34 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 7830 33 KB
16 KB 25ms
24ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52254093;rtbwp=YgDLyAAKIhQHg4O3AAwBR3NFLrPcGKCKUsWjww;rtbdata=jMNqeDmYZHibDnIgzt4-fl-bd0MqYDIim-I0drwFCDuaWE0NIwVUKQL3A9aIACnCB0Zv1VhWI64Fyzx9l78Py7_zeeSRM0Eyr5r79CfzW0iag0nNn_TStEye2KeopdR4MFDp5O7uaj_yymh-VrdgmZs5XDL9fi68SYRKiXCTSZl3tbO4rkqAG4cYzl9qtvWOdgsN_AQemAdl8hdnRbMkxKVALddH3N8jgfj35guPjuorwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42owCFlfrQY9LtRr6e8m9Qr7QnUWk5VKigEzhQW6FXjSrzw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CWayyyMsAYpTEKLeHjuwPx4Kw0AzP2bWTXMz677m0CcCNtwEQASAAYJWakoKgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQK_bdhkoqOEPuACAKgDAaoEqwJP0BWINw9qni3xXoA6lQFXXwcrXEnYiKEeBJMg9SWJOhYSEQGXUaLxqcfXJuvmTec4NBgbQcjDZI7D8SwqWhWPGGL0VXQV_Xv0QuqD25l5GpkaGM7DJ836jpJHnhYFGG8wh79x0YCP2TB8oqRmlx0zZaw6XQfOZ_W9TIlj0zMJF9ew6-BoRFReJoqKsQrziTQgJMdj3l0-lSXU0gJ51gRVImMsDkl7E-qwQbl0EKH5ffhmAcgQJ1RX_LNgaE-gDD0cjQursxBfW3Foc9sm2BDf-8GVgvAAcnNtGC7iFsZdu0cbZIDyQ8MjcrJDNSCavyHyt5_piypgryFpHnyN6RwZaMTDAGyoPjSSjLPTU75gq5wgurtC3HvPVXb7uczj-MCwom836hD3ZqUTCuAEAYAGldXKneS_l6vmAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_0X_0nIMHAukiBSyV15h-hS0RjtWA&client=ca-pub-1310852604335254&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3155cd449a2085846e620747cc4f30dbf639cfcf5f4211e1c7224043e8806d45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 13:59:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 08 Feb 2022 11:12:37 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 423F 32 KB
10 KB 8ms
7ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b161a452760e628e5d4e19573320eff7833f5da41a399d8fe332dcf191a49afa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 07:35:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=57696
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9705
Expires: Mon, 07 Feb 2022 23:37:13 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 25EF 0
0 47ms
46ms Fetch
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYXg1yMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEogJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC528RJ5780S1njnH4A3dgfl6ohO48P6XRqW6yy0JZZy8jzXi-sL6OAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTMxMDg1MjYwNDMzNTI1NBiu328&sigh=oDzb9uI7Yfs&uach_m=[UACH]&cid=CAQSPACNIrLM3y_diWcEsydDUzkqfpEBR2ZE_w8y-I4J2j5NCa6F39oAMNi6jAHQwEbgqMuGKfmBO8gi69FHXxgB
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 25EF 0
0 41ms
15ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h0vd9ajgkrb7x42ej4jdtq2zm2wtg6c72tyf6tbgtmhvqq0dmgprhwen9ty0gjh9fag1de6gzsh688nt5jq90g4rabqqr2x32d8s7zfr28mtpan0k2rd3h5jd2af101yacxgsyr4mt7yw3g7h94c7n40td1hdaxx63fst19j6yzkvetd6xqqv3h5703gy08d0k95dcwvhzwdpxnej9r8jyyzh71mz63qbgssm2zkbzvr2bj1182cd5cp1n1yj7h6zh28dccb1crngabqf1xd0zevc5k9z10a7mmsed4zkxcanagpgm27j47qrxxmxf41v046dnta2e7b7amdwd7yj1scabyav66ke1ap5qqfxcsvn6nk74ezywx9m5e7awyvd2ewc4sax2qxxcx2k8pt56wydj47p6x2w&b=YgDLyAANzC4Kd7QkAAYHGHT4hRLtBCeCmUQ_4Q
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 07 Feb 2022 07:35:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame BD9B 2 KB
1 KB 104ms
52ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jt0n16w93wybd7k2kezeeky5bzfhnxxy2mfwgk9xtg7s7gkx1k7t97shsf05fffzmtj4j70tz1vt1k3570tajdmegrcxhnck2fayrkvv3qc2py6q0tygf2eym5apt7bqgzwbfcr27qc32jxx2c2z0fy7phk8epkbk1ssbrw8m0h9pp80njn7p6j3cfj8d3as5a9pah7b062d44c3g8w8f3ja01bzea3qve5fvzcz4t8ahszh0k3ndcwehmrzcwndmjtvcy0h8zgmf0680ayjwmyp6ax1dnzeb4dbe3rhmq73awtx7k2ys9z2rqzegzyd5193gv2qqanzq96d06bz7d9578dp0pek0mmg74es2g6xdcc9r162dgrdy8erj08f8je6ebcv866q9qc7yrhtqah8yqk7chxa1q7f6epz3r85smczajw94setdq56zx0g3e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%26client%3Dca-pub-1310852604335254%26adurl%3D

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dfbe2824e8570836764f31690817eb342f6a2605e0d93e74c497d1aa8ea9249

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d9af14bdbf60f86-MXP
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 25EF 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 07:29:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 90D3 1 KB
749 B 16ms
12ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 07 Feb 2022 05:53:44 GMT
expires: Tue, 08 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 6113
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25EF 123 KB
37 KB 57ms
55ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 07:35:37 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 25EF 14 KB
6 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 07:34:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 25EF 0
0 18ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeZtfNLlAt6dEisa4v8RART8fc-N7UlbOYwif1fDEjT_1Y2zyllw87h54HsnUFMOv5i_EvS8TttnHopham2MwM-a_a5g
Requested by: Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 25EF 22 KB
7 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Feb 2023 06:44:10 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 423F 284 B
536 B 41ms
7ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 7830 7 KB
4 KB 22ms
22ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=52254093;rtbwp=YgDLyAAKIhQHg4O3AAwBR3NFLrPcGKCKUsWjww;rtbdata=jMNqeDmYZHibDnIgzt4-fl-bd0MqYDIim-I0drwFCDuaWE0NIwVUKQL3A9aIACnCB0Zv1VhWI64Fyzx9l78Py7_zeeSRM0Eyr5r79CfzW0iag0nNn_TStEye2KeopdR4MFDp5O7uaj_yymh-VrdgmZs5XDL9fi68SYRKiXCTSZl3tbO4rkqAG4cYzl9qtvWOdgsN_AQemAdl8hdnRbMkxKVALddH3N8jgfj35guPjuorwb68EUq2Y6K_IPMYxulwaJWNQ70dz8h6IM1vhZUWdKdovcMQiYlBD_i3RU2ug_v0latrEgR-HddHufY0UWTL6X87A6d42owCFlfrQY9LtRr6e8m9Qr7QnUWk5VKigEzhQW6FXjSrzw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CWayyyMsAYpTEKLeHjuwPx4Kw0AzP2bWTXMz677m0CcCNtwEQASAAYJWakoKgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQK_bdhkoqOEPuACAKgDAaoEqwJP0BWINw9qni3xXoA6lQFXXwcrXEnYiKEeBJMg9SWJOhYSEQGXUaLxqcfXJuvmTec4NBgbQcjDZI7D8SwqWhWPGGL0VXQV_Xv0QuqD25l5GpkaGM7DJ836jpJHnhYFGG8wh79x0YCP2TB8oqRmlx0zZaw6XQfOZ_W9TIlj0zMJF9ew6-BoRFReJoqKsQrziTQgJMdj3l0-lSXU0gJ51gRVImMsDkl7E-qwQbl0EKH5ffhmAcgQJ1RX_LNgaE-gDD0cjQursxBfW3Foc9sm2BDf-8GVgvAAcnNtGC7iFsZdu0cbZIDyQ8MjcrJDNSCavyHyt5_piypgryFpHnyN6RwZaMTDAGyoPjSSjLPTU75gq5wgurtC3HvPVXb7uczj-MCwom836hD3ZqUTCuAEAYAGldXKneS_l6vmAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_0X_0nIMHAukiBSyV15h-hS0RjtWA&client=ca-pub-1310852604335254&adurl=;js=1;adfxid=3x;10367;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.upmedia.mg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

313125653c6eeb4f0021e65e50e37c36203f0be5b9781f702a1e3a198a40c2b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3462
expires: -1

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A872 0
0 57ms
57ms Fetch
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEmaQycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSiAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1FBLolran_iwyvy16M7tLaVBYEsxH22qm2F-Z4OziJQ_nV7jzBli4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTMxMDg1MjYwNDMzNTI1NBiu328&sigh=Q2w510gEh10&uach_m=[UACH]&cid=CAQSPACNIrLMUSBOxjnEA2NONzS4C_auuWhvTKYmC6bWMgs8qdEMdgWmihR0VO2Qp1bKlkIul-yPM7YcnL9JYBgB
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame A872 0
0 25ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gme5vz5y03efg25yqb4qr29qjcq33kfy091mepfh0xf1ttt8cmc4rj7bfrrjbz7mvqjdfa3yt4nw26rdb2k06a3caggcj16n90w345nw5z1ajv73pchjfs1kqeebaztdmpeet96n258wmwpng6n9144eqs0vtrf8kpbaz1atbteathh3cdhwn749v79kg18n8rvpmpcxdcqk273nd2g5yask9nmzm6j4vj61t4dkgdv97x000y9dnqkrfd0prnscega5c5agw6bpk3x0rz3cx2bpjdk041bx8brys2fk746spdgbamcgd3t9pwv03ep3rvqvxkrvk1hgf3sffz8jtwfen4qdcp5y00amp4g939pe0mqv2zxhmm4r3b36vjr5fpj65cwvc1zz8gg12q7gkbc27t51jtnvm&b=YgDLyQABI7sKd_VWAAgWTdUafh6BiSZo-0dyPw
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 07 Feb 2022 07:35:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 9BC9 2 KB
3 KB 53ms
46ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jtv2ys8vmn3hkhm55348wddq7769pzhqxxcaea0vdpzjdcdsptm9ef73e9r5vvzw68rjhp592n44e56fepkmwwvkp5a2yrdvfhew9z3cbdj50w7zk8sqhgtbp4pawkjhfh2sxt0nh91f71v12esetvjcgvvnv09wrxpjq13b7ad2nz7yvqtc0ch8480t285wh58xpvfyqy8v2fnss2hcjc5ds7t6fz3dxeqh7etzwy1zawwdb5yv5xhyxt126x4rw41270pavtqy4t8es9jajjwb7shty4xqymjys9m4c3tz9nz5mzmsrgdk7zz3y3p0s14ktjqsrdz3f49yxperkd94a9ktf05s3eahy4vqtpka4ncqm8mgmevst763zj2xmkgd8af5mbq061j09bptc5wtmq4zpq834as32vwj7mg4x8dee6r5p0tr57z9pkdj040&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%26client%3Dca-pub-1310852604335254%26adurl%3D

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b3addc547dac418834534d301220ea7110d0d0ac1afdaff4d3bb095ec96389f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d9af14bdbfd0f86-MXP
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame A872 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 07:29:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 834D 1 KB
749 B 15ms
12ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 07 Feb 2022 05:53:44 GMT
expires: Tue, 08 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 6113
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A872 123 KB
37 KB 69ms
65ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 07:35:37 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame A872 14 KB
6 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 07:34:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A872 0
0 18ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSye8AsE6c3SAro_a-kCJg9kalV5FRe8u03OmtAUR-IXQFfHlbKgRMLyzbuq0LG38t4o-OYLfG6hVgitPRnsgNpfgsZBw
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A872 22 KB
7 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Feb 2023 06:44:10 GMT

GET
H2 200 firebase-messaging.js Show response
avivid.likr.tw/pushEndPoint/js/firebasejs/8.6.8/ 40 KB
11 KB 38ms
32ms Script
text/javascript 2606:4700:10::6816:2a5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/pushEndPoint/js/firebasejs/8.6.8/firebase-messaging.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2a5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d5b2484855a69e76d59cf2e5e518df99515b786e57ee5fa929b0e5cb478e57c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4776
last-modified: Wed, 30 Jun 2021 10:39:31 GMT
server: cloudflare
etag: W/"3e0e95-9fb7-5c5f9566df364"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 6d9af14becaa59e3-MXP
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 7830 0
337 B 34ms
34ms Image
text/plain 54.76.155.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=waehuk1t0&campaignid=2520049&advertiserid=DE_NIVEA_Adform_Carat&placementid=8494836&adid=50645785&creativeid=50645785&siteid=www.upmedia.mg&rnd=91401
Requested by: Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
cache-control: private, no-cache, no-store
x-request-time: D=56 t=1644219337
x-served-by: beacon-n022-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
DATA 200
OK truncated
/ Frame 7830 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75986583bbe7f769523056315a3a9db0ed04e05520baa7ac354ba9936d0866af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 423F 0
239 B 429ms
95ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=truvid
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
Content-Type: image/gif

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 7830 85 KB
37 KB 24ms
24ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e7aca552b0dfb702f610cfeb2c59025a6d1baa886dc228721a102808ddb54e5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 13:59:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 08 Feb 2022 11:14:10 GMT

GET
DATA 200
OK truncated
/ Frame 25EF 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 892965e2aafabe1b97fd6b5c84c9c3fa630b48d1ed90400cfe69bbdfaf28dc15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A872 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61d12a30821faa42787b965b89f1b2a17f99ab6b8297c2ec1eb570a3471d24da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 9BC9 81 KB
11 KB 49ms
31ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jtv2ys8vmn3hkhm55348wddq7769pzhqxxcaea0vdpzjdcdsptm9ef73e9r5vvzw68rjhp592n44e56fepkmwwvkp5a2yrdvfhew9z3cbdj50w7zk8sqhgtbp4pawkjhfh2sxt0nh91f71v12esetvjcgvvnv09wrxpjq13b7ad2nz7yvqtc0ch8480t285wh58xpvfyqy8v2fnss2hcjc5ds7t6fz3dxeqh7etzwy1zawwdb5yv5xhyxt126x4rw41270pavtqy4t8es9jajjwb7shty4xqymjys9m4c3tz9nz5mzmsrgdk7zz3y3p0s14ktjqsrdz3f49yxperkd94a9ktf05s3eahy4vqtpka4ncqm8mgmevst763zj2xmkgd8af5mbq061j09bptc5wtmq4zpq834as32vwj7mg4x8dee6r5p0tr57z9pkdj040&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%26client%3Dca-pub-1310852604335254%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jtv2ys8vmn3hkhm55348wddq7769pzhqxxcaea0vdpzjdcdsptm9ef73e9r5vvzw68rjhp592n44e56fepkmwwvkp5a2yrdvfhew9z3cbdj50w7zk8sqhgtbp4pawkjhfh2sxt0nh91f71v12esetvjcgvvnv09wrxpjq13b7ad2nz7yvqtc0ch8480t285wh58xpvfyqy8v2fnss2hcjc5ds7t6fz3dxeqh7etzwy1zawwdb5yv5xhyxt126x4rw41270pavtqy4t8es9jajjwb7shty4xqymjys9m4c3tz9nz5mzmsrgdk7zz3y3p0s14ktjqsrdz3f49yxperkd94a9ktf05s3eahy4vqtpka4ncqm8mgmevst763zj2xmkgd8af5mbq061j09bptc5wtmq4zpq834as32vwj7mg4x8dee6r5p0tr57z9pkdj040&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%26client%3Dca-pub-1310852604335254%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1005031
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 26 Jan 2022 16:25:06 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6d9af14ccd4f83b5-MXP
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 9BC9 35 KB
13 KB 39ms
30ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jtv2ys8vmn3hkhm55348wddq7769pzhqxxcaea0vdpzjdcdsptm9ef73e9r5vvzw68rjhp592n44e56fepkmwwvkp5a2yrdvfhew9z3cbdj50w7zk8sqhgtbp4pawkjhfh2sxt0nh91f71v12esetvjcgvvnv09wrxpjq13b7ad2nz7yvqtc0ch8480t285wh58xpvfyqy8v2fnss2hcjc5ds7t6fz3dxeqh7etzwy1zawwdb5yv5xhyxt126x4rw41270pavtqy4t8es9jajjwb7shty4xqymjys9m4c3tz9nz5mzmsrgdk7zz3y3p0s14ktjqsrdz3f49yxperkd94a9ktf05s3eahy4vqtpka4ncqm8mgmevst763zj2xmkgd8af5mbq061j09bptc5wtmq4zpq834as32vwj7mg4x8dee6r5p0tr57z9pkdj040&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74065
x-guploader-uploadid: ADPycdtTlZwSK1bMGD4JQEha8dQcwS763YR_GQXAjnXnl2RCnFCDM45gCF-BWocTru8uS1y2F-7HId-qcu1T7AovokayCZ19hA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Jan 2022 11:00:45 GMT
server: cloudflare
etag: W/"25dab5d0aa24f68116270a61c758162f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zpuMbGHB1coWYm%2ByTDmaY0aPz8PTgqQaLBhg3bF84PkV6uZjOF8mA9AqANJwH%2Bx29ec5PfrvYpVBzqK1EsExxe1%2BfCWN%2FMl33gK7hyBAp4jQ4PZtUgJr7n%2BaHUYbcF%2BTLABt5o%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1643194845770575
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11870
cf-ray: 6d9af14cbddc0f86-MXP
expires: Sun, 06 Feb 2022 11:01:12 GMT

GET /
google2waycm.netmng.com/cm/ Frame 90D3 0
0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 90D3 35 B
464 B 29ms
10ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENiXaVBwLt9AILVxNrXCo2M&google_cver=1&google_push=AYg5qPLJS9Z-vmv-fodurwjkxQTIyQjIuCV7lob4JjFTYKtfzDT0OIJpiVGT4iswDMJEyu7247u9Ziq694ao_Gq-L-D_oOHlThv3

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 90D3
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOdJZGAVDYXWkHl6XbU4k8U&google_cver=1&google_push=AYg5qPItVsbMfyW5kHeF8l-TDiBihPErp3yeqbb-ctjrfXQ9BqI7tMBEiL-zUQHmXomBr7YFCiNq6ixXQEspc9qBram2oq3vbl4C&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOdJZGAVDYXWkHl6XbU4k8U&google_cver=1&google_push=AYg5qPItVsbMfyW5kHeF8l-TDiBihPErp3yeqbb-ctjrfXQ9BqI7tMBEiL-zUQHmXomBr7YFCiNq6ixXQEspc9qBram2oq3vbl4...

43 B
400 B

192ms
190ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOdJZGAVDYXWkHl6XbU4k8U&google_cver=1&google_push=AYg5qPItVsbMfyW5kHeF8l-TDiBihPErp3yeqbb-ctjrfXQ9BqI7tMBEiL-zUQHmXomBr7YFCiNq6ixXQEspc9qBram2oq3vbl4C&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPItVsbMfyW5kHeF8l-TDiBihPErp3yeqbb-ctjrfXQ9BqI7tMBEiL-zUQHmXomBr7YFCiNq6ixXQEspc9qBram2oq3vbl4C%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:38 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d9af14e3d2a59d1-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:37 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 478
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d9af14d0a5459d1-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOdJZGAVDYXWkHl6XbU4k8U&google_cver=1&google_push=AYg5qPItVsbMfyW5kHeF8l-TDiBihPErp3yeqbb-ctjrfXQ9BqI7tMBEiL-zUQHmXomBr7YFCiNq6ixXQEspc9qBram2oq3vbl4C&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPItVsbMfyW5kHeF8l-TDiBihPErp3yeqbb-ctjrfXQ9BqI7tMBEiL-zUQHmXomBr7YFCiNq6ixXQEspc9qBram2oq3vbl4C%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90D3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHGiT7TFJ4SHOCfRU2BOXrg&google_cver=1&google_push=AYg5qPLQNrtcJt0Ec9XYkEwgD2aRyYd9sXkLO_KZvH2qdHdp9vfQiqHMXN34AnbgtjLjSNqo9BgSmIm0HESqFI...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MTg2ODI3OTg3OTYyODk1NQ%3D%3D&google_push=AYg5qPLQNrtcJt0Ec9XYkEwgD2aRyYd9sXkLO_KZvH2qdHdp9vfQiqHMXN34AnbgtjLjSNqo9BgSmIm0HESqFIImEq...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MTg2ODI3OTg3OTYyODk1NQ%3D%3D&google_push=AYg5qPLQNrtcJt0Ec9XYkEwgD2aRyYd9sXkLO_KZvH2qdHdp9vfQiqHMXN34AnbgtjLjSNqo9BgSmIm0HESqFIImEq6JZrpwhzKh

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MTg2ODI3OTg3OTYyODk1NQ%3D%3D&google_push=AYg5qPLQNrtcJt0Ec9XYkEwgD2aRyYd9sXkLO_KZvH2qdHdp9vfQiqHMXN34AnbgtjLjSNqo9BgSmIm0HESqFIImEq6JZrpwhzKh
Date: Mon, 07 Feb 2022 07:35:37 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90D3
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELWAYslReHCkSMeZs1PWVOs&google_cver=1&google_push=AYg5qPKZq4uW1mT-wGxfaHanmSi8uJSymshaxf2p0p3gGyhgz839FIS0_4fZxB3-GwlO1m8HWw7599M6f5Rh54DS...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=b8WELLKWTAu3wL76U1mLhA2&google_push=AYg5qPKZq4uW1mT-wGxfaHanmSi8uJSymshaxf2p0p3gGyhgz839FIS0_4fZxB3-GwlO1m8HWw7599M6f5Rh54DSbFwS16uI6vV7

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=b8WELLKWTAu3wL76U1mLhA2&google_push=AYg5qPKZq4uW1mT-wGxfaHanmSi8uJSymshaxf2p0p3gGyhgz839FIS0_4fZxB3-GwlO1m8HWw7599M6f5Rh54DSbFwS16uI6vV7

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 07 Feb 2022 07:35:37 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=b8WELLKWTAu3wL76U1mLhA2&google_push=AYg5qPKZq4uW1mT-wGxfaHanmSi8uJSymshaxf2p0p3gGyhgz839FIS0_4fZxB3-GwlO1m8HWw7599M6f5Rh54DSbFwS16uI6vV7
x-host: tde-deliveryengine-production-655df8fcc8-kqp9c
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90D3
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEC1qVHxms1VZVvJyvGaD9OE&google_cver=1&google_push=AYg5qPJRUaAbDiG5i2M0GOwrbzyW6I_NjI71sHzMzXZ9uJ6sk9dmJUdqDG8vcfhHgrDzKViJRt64YdKXifOJVDiK...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJRUaAbDiG5i2M0GOwrbzyW6I_NjI71sHzMzXZ9uJ6sk9dmJUdqDG8vcfhHgrDzKViJRt64YdKXifOJVDiK1uhkaKvMgCeF

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJRUaAbDiG5i2M0GOwrbzyW6I_NjI71sHzMzXZ9uJ6sk9dmJUdqDG8vcfhHgrDzKViJRt64YdKXifOJVDiK1uhkaKvMgCeF

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 07 Feb 2022 07:35:37 GMT
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJRUaAbDiG5i2M0GOwrbzyW6I_NjI71sHzMzXZ9uJ6sk9dmJUdqDG8vcfhHgrDzKViJRt64YdKXifOJVDiK1uhkaKvMgCeF
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: NAj7IbhQNhU3MhzCQXhKBaVSrU2i7BT4HMyTsXtTWav-YWjUCsrD8A==

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 90D3 43 B
65 B 35ms
18ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESELK8RIOQMGXrM3ru_gtZo8c&google_cver=1&google_push=AYg5qPKIi9_CWpICddzm5vqslSP5ik3QZDG_lQg7ArdOAV1dD6yAOmPME1LLClx1JHS3YaN-Ljem4k9D6WuxVZfYGiOcss_tUviyNQ

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Feb 2022 07:35:37 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 90D3 0
12 B 17ms
17ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jsxg-vd0qgPAPO4u8PLpRwsm6G9xe-wcR4sxREkU4ubV2N-P4xcJvAM09ZVthKgo0J05H1AA

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame BD9B 81 KB
11 KB 39ms
28ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jt0n16w93wybd7k2kezeeky5bzfhnxxy2mfwgk9xtg7s7gkx1k7t97shsf05fffzmtj4j70tz1vt1k3570tajdmegrcxhnck2fayrkvv3qc2py6q0tygf2eym5apt7bqgzwbfcr27qc32jxx2c2z0fy7phk8epkbk1ssbrw8m0h9pp80njn7p6j3cfj8d3as5a9pah7b062d44c3g8w8f3ja01bzea3qve5fvzcz4t8ahszh0k3ndcwehmrzcwndmjtvcy0h8zgmf0680ayjwmyp6ax1dnzeb4dbe3rhmq73awtx7k2ys9z2rqzegzyd5193gv2qqanzq96d06bz7d9578dp0pek0mmg74es2g6xdcc9r162dgrdy8erj08f8je6ebcv866q9qc7yrhtqah8yqk7chxa1q7f6epz3r85smczajw94setdq56zx0g3e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%26client%3Dca-pub-1310852604335254%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jt0n16w93wybd7k2kezeeky5bzfhnxxy2mfwgk9xtg7s7gkx1k7t97shsf05fffzmtj4j70tz1vt1k3570tajdmegrcxhnck2fayrkvv3qc2py6q0tygf2eym5apt7bqgzwbfcr27qc32jxx2c2z0fy7phk8epkbk1ssbrw8m0h9pp80njn7p6j3cfj8d3as5a9pah7b062d44c3g8w8f3ja01bzea3qve5fvzcz4t8ahszh0k3ndcwehmrzcwndmjtvcy0h8zgmf0680ayjwmyp6ax1dnzeb4dbe3rhmq73awtx7k2ys9z2rqzegzyd5193gv2qqanzq96d06bz7d9578dp0pek0mmg74es2g6xdcc9r162dgrdy8erj08f8je6ebcv866q9qc7yrhtqah8yqk7chxa1q7f6epz3r85smczajw94setdq56zx0g3e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%26client%3Dca-pub-1310852604335254%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1005031
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 26 Jan 2022 16:25:06 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6d9af14ccd5383b5-MXP
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame BD9B 35 KB
12 KB 33ms
32ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jt0n16w93wybd7k2kezeeky5bzfhnxxy2mfwgk9xtg7s7gkx1k7t97shsf05fffzmtj4j70tz1vt1k3570tajdmegrcxhnck2fayrkvv3qc2py6q0tygf2eym5apt7bqgzwbfcr27qc32jxx2c2z0fy7phk8epkbk1ssbrw8m0h9pp80njn7p6j3cfj8d3as5a9pah7b062d44c3g8w8f3ja01bzea3qve5fvzcz4t8ahszh0k3ndcwehmrzcwndmjtvcy0h8zgmf0680ayjwmyp6ax1dnzeb4dbe3rhmq73awtx7k2ys9z2rqzegzyd5193gv2qqanzq96d06bz7d9578dp0pek0mmg74es2g6xdcc9r162dgrdy8erj08f8je6ebcv866q9qc7yrhtqah8yqk7chxa1q7f6epz3r85smczajw94setdq56zx0g3e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74065
x-guploader-uploadid: ADPycdtTlZwSK1bMGD4JQEha8dQcwS763YR_GQXAjnXnl2RCnFCDM45gCF-BWocTru8uS1y2F-7HId-qcu1T7AovokayCZ19hA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Jan 2022 11:00:45 GMT
server: cloudflare
etag: W/"25dab5d0aa24f68116270a61c758162f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLYArwmpafhUWBXJRp6acKlVDE5xXWozEMKGLRn34ojKUovkBZX6YoO53W%2BfWedOsA6U0fg92FLvfSr2UzSQqPFSl6pf8gxRRPF%2FT81w0QrBwUExxnWFzzjlOAWNgmSp25fUGiw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1643194845770575
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11870
cf-ray: 6d9af14cbddf0f86-MXP
expires: Sun, 06 Feb 2022 11:01:12 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 834D
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEISAV3gSBPodk1tuXQDc9_E&google_cver=1&google_push=AYg5qPJ3LImlwWNVzqiSoG5V5S0DqLvJkskZRmy4xTtRqC2CGxj_d26Ng-9d93kBYiJL92gz7J4fOWim0Kv4Wt8NLVM6qc-G2Dk
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc0NTk1NzIzMzg3MjAwMTI0OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEISAV3gSBPodk1tuXQDc9_E&google_cver=1

43 B
398 B

39ms
20ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEISAV3gSBPodk1tuXQDc9_E&google_cver=1
Requested by: Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:37 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEISAV3gSBPodk1tuXQDc9_E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 834D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOdJZGAVDYXWkHl6XbU4k8U&google_cver=1&google_push=AYg5qPJECS2ExkX-cwI-RgZHEtFQ_iX-35cLFmrxwVnFGlfMj0yvARxmkT68pYJlhdTR83uJ5woYkrPvz9Lcce9UHQa_TBQMpZYO&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOdJZGAVDYXWkHl6XbU4k8U&google_cver=1&google_push=AYg5qPJECS2ExkX-cwI-RgZHEtFQ_iX-35cLFmrxwVnFGlfMj0yvARxmkT68pYJlhdTR83uJ5woYkrPvz9Lcce9UHQa_TBQMpZY...

43 B
451 B

179ms
179ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOdJZGAVDYXWkHl6XbU4k8U&google_cver=1&google_push=AYg5qPJECS2ExkX-cwI-RgZHEtFQ_iX-35cLFmrxwVnFGlfMj0yvARxmkT68pYJlhdTR83uJ5woYkrPvz9Lcce9UHQa_TBQMpZYO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJECS2ExkX-cwI-RgZHEtFQ_iX-35cLFmrxwVnFGlfMj0yvARxmkT68pYJlhdTR83uJ5woYkrPvz9Lcce9UHQa_TBQMpZYO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:38 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d9af14e4d2f59d1-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:37 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 498
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d9af14d1a8d59d1-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOdJZGAVDYXWkHl6XbU4k8U&google_cver=1&google_push=AYg5qPJECS2ExkX-cwI-RgZHEtFQ_iX-35cLFmrxwVnFGlfMj0yvARxmkT68pYJlhdTR83uJ5woYkrPvz9Lcce9UHQa_TBQMpZYO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJECS2ExkX-cwI-RgZHEtFQ_iX-35cLFmrxwVnFGlfMj0yvARxmkT68pYJlhdTR83uJ5woYkrPvz9Lcce9UHQa_TBQMpZYO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 834D
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMjoCHJ_Oif4R_4LGjKkeE8&google_cver=1&google_push=AYg5qPLjOxYIt4V8kIvdK-MJ6V51Wh2W9wvfO9qI6V7bg9XcabYsKp-556ul-axfreXOaft6R34TCcQUKFfhFBqakcWc...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMjoCHJ_Oif4R_4LGjKkeE8&google_cver=1&google_push=AYg5qPLjOxYIt4V8kIvdK-MJ6V51Wh2W9wvfO9qI6V7bg9XcabYsKp-556ul-axfreXOaft6R34TCcQUKFfhFB...
https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&ssp_uuid=ac248d67-828d-4362-86f6-21ab3db1cb9e
https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&ssp_uuid=ac248d67-828d-4362-86f6-21ab3db1cb9e
https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=google&user_id=a7bd48f8-70d9-41b3-a978-44115e62ad98
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLjOxYIt4V8kIvdK-MJ6V51Wh2W9wvfO9qI6V7bg9XcabYsKp-556ul-axfreXOaft6R34TCcQUKFfhFBqakcWcHmUokqU&google_hm=rCSNZ4KNQ2KG9iGrPbHLng==

170 B
189 B

19ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLjOxYIt4V8kIvdK-MJ6V51Wh2W9wvfO9qI6V7bg9XcabYsKp-556ul-axfreXOaft6R34TCcQUKFfhFBqakcWcHmUokqU&google_hm=rCSNZ4KNQ2KG9iGrPbHLng==

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLjOxYIt4V8kIvdK-MJ6V51Wh2W9wvfO9qI6V7bg9XcabYsKp-556ul-axfreXOaft6R34TCcQUKFfhFBqakcWcHmUokqU&google_hm=rCSNZ4KNQ2KG9iGrPbHLng==
Date: Mon, 07 Feb 2022 07:35:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 834D 43 B
65 B 15ms
14ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEKFHmtoKzmNybx8mL2p6k1I&google_cver=1&google_push=AYg5qPIbI7rfB6i7MfqwNW3jkseJV4W4ZDsmo1yjwBDc4PeFXOF1wBAIwUC1SdmzkVL5dvT386UHuNcu3Sz1q1U0O-EBNJqcbuc5

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Feb 2022 07:35:37 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 834D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lESsQRZUQj6SeCaezX7PZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

27ms
26ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lESsQRZUQj6SeCaezX7PZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLPk-t68BTLjrLH66okK6ACmWn6aClg07XZA_9g-R2VurgNn9oG6PZzgQeUV8qL_IIVewXJOuFd5_Y-rZBTi7v9fGiy7oij

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lESsQRZUQj6SeCaezX7PZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLPk-t68BTLjrLH66okK6ACmWn6aClg07XZA_9g-R2VurgNn9oG6PZzgQeUV8qL_IIVewXJOuFd5_Y-rZBTi7v9fGiy7oij
date: Mon, 07 Feb 2022 07:35:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame 834D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ah...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 834D
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELW90BXebXMJbs5-YwGIOps&google_cver=1&google_push=AYg5qPLAgnh5ZcIPcuHmSJg_ziPvX2fLai2x9u0zkBf7f6M70R7rOLyY...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELW90BXebXMJbs5-YwGIOps&google_cver=1&google_push=AYg5qPLAgnh5ZcIPcuHmSJg_ziPvX2fLai2x9u0zkBf7f6M70R7rOL...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4YWQ2MTE5Ni04N2U4LTExZWMtYjcwMi0wMmEwZjkyMzEzMDQ%3D&google_push=AYg5qPLAgnh5ZcIPcuHmSJg_ziPvX2fLai2x9u0zkBf7f6M70R7rOLyYeOJOO1YrC1...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4YWQ2MTE5Ni04N2U4LTExZWMtYjcwMi0wMmEwZjkyMzEzMDQ%3D&google_push=AYg5qPLAgnh5ZcIPcuHmSJg_ziPvX2fLai2x9u0zkBf7f6M70R7rOLyYeOJOO1YrC1UTwnHCOqbCEWxw8c_9h_zkLl31BdxTcFIRLA

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4YWQ2MTE5Ni04N2U4LTExZWMtYjcwMi0wMmEwZjkyMzEzMDQ%3D&google_push=AYg5qPLAgnh5ZcIPcuHmSJg_ziPvX2fLai2x9u0zkBf7f6M70R7rOLyYeOJOO1YrC1UTwnHCOqbCEWxw8c_9h_zkLl31BdxTcFIRLA
date: Mon, 07 Feb 2022 07:35:37 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 834D 0
12 B 15ms
15ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LW4X--X9slO2AzaUa4r6B5QgH57xNtzwo5jWd0PLwHnnF2ZxoKXKcpY6T-K4SQzbY-WXGpBw

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9BC9 3 KB
4 KB 80ms
36ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 07 Feb 2022 07:35:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5721651
x-guploader-uploadid: ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SfgP7nMu6ZGoF7QAtxiIEhQScuhIgXcw4i4b7WlDhjELgCkq%2FItqbjckkju%2Bc3DnpApx3fIa3QsN9w%2BqjiRDq63GVDt3XYxkAMYMvkNmyUnz1K%2FsEpbIwfFJIFXfmlX7y0Djm68xp80ythcyr4E%2B3hN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6d9af14d995459ad-MXP
expires: Sat, 03 Dec 2022 02:14:46 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame BD9B 3 KB
3 KB 78ms
36ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 07 Feb 2022 07:35:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5721651
x-guploader-uploadid: ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prOc9hUE0AYNOcNt0GDx1S3GWsItzJXGbfw8fBTql1AOEpbc5WC7oAJM2eULO%2B26RnnVp5mozyjnaIsRRZn4pgIdQK2O8fu9vmQ2UYbRHlHZIZteLgp%2FNcGHHgxvQzQOcgJ%2FnqFVkCTfd3chUTfTEb4Q"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6d9af14d995959ad-MXP
expires: Sat, 03 Dec 2022 02:14:46 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 7830 35 B
503 B 24ms
23ms Ping
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=52254093&csi=y5QMUTrePkZhM5SifFwMrZX3KmqCIw76BCnWiS5w_V8JDwKV3Zer3F4Fl4XExVRWvJnpZ3g65tbfw5pqTqeAimQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:37 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 50645785.gif
s1.adform.net/Banners/50645785/ Frame 7830 58 KB
59 KB 23ms
22ms Image
image/gif 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/50645785/50645785.gif?bv=2

Requested by

Host: 889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
URL: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

54bea01752aad016728dc9cf12165895352175e9a6e6f671c81c3f53f89dca58

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
last-modified: Wed, 29 Dec 2021 09:26:58 GMT
server: nginx
etag: "61cc29e2-e8f4"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 59636

GET
H3 200 frame.html Show response
ad4m.at/ Frame 8AD1 2 KB
2 KB 25ms
25ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires: Mon, 07 Feb 2022 08:35:37 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 365350
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KAkOsSazEYIA6uN3YjYjvwJ2Lr4ikb%2FmBkewjAyXDGjQs5cXMz%2FhIzY0cHobKI%2BceMH11ryeRSumMQ0766fU80oNx4Ct8Jjt8KDH1FD41OfSQ9zvtx0FgYpjVrCMYLtJm%2BHKi8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d9af14d7ec083b5-MXP
content-encoding: br

GET
H3 200 frame.html Show response
ad4m.at/ Frame 5C36 2 KB
2 KB 27ms
27ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires: Mon, 07 Feb 2022 08:35:37 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 365350
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y37Ff1ztHM14G5pjjuWkoQJwgDSkvrK1%2FtC0Lo07ZrkDYJnnX1es%2BVqMyzAL7uwquJUWpoMUtLx%2B1aRL%2BnXY%2BjjG3oWR9FvV4lkIGRYd2pACUO2QpaZiyKzj1%2BiWROrJNE9g%2B18%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d9af14d7eca83b5-MXP
content-encoding: br

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 39F8 156 B
333 B 138ms
137ms XHR
text/xml 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C303462569%2Fvideo1%2Fupmedia.mg_desktop&description_url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&tfcd=0&npa=1&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=59349068970966&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=44d&adk=675632263&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=115DAB05-E74B-499A-88A6-7A3A4C9F348D&nel=0&eid=44725355%2C44756710&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&dt=1644219337829&cookie=ID%3Df4b1e5fd6938a7f7%3AT%3D1644219335%3AS%3DALNI_MYKsCnRkBuOSFwb4msn5mnwUpqdbg&scor=1660247087606424&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 / Show response
firehose.ap-southeast-1.amazonaws.com/ 257 B
752 B 174ms
173ms Fetch
application/x-amz-json-1.1 52.119.184.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.ap-southeast-1.amazonaws.com/
Requested by: Host: avivid.likr.tw
URL: https://avivid.likr.tw/sample/aws-sdk-AviviD-min-1.000.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.184.70 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 250994b91557fb39d6354119f4fdc7f324f7757faa7c3012a74e3689978dd167

Request headers

Accept-Language: de-DE,de;q=0.9
authorization: AWS4-HMAC-SHA256 Credential=AKIATBR2IINUW3Y6AWEJ/20220207/ap-southeast-1/firehose/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=2ff2fdbeba14cec39cff2d055bd770d777c183a5d903adf9e645cc295dc071f8
content-type: application/x-amz-json-1.1
x-amz-content-sha256: 12c5651255f7ad8cad2e6f02ba1e3b120aa326999185d75bb2526bf4e0dc740f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer: https://www.upmedia.mg/
x-amz-target: Firehose_20150804.PutRecord
x-amz-date: 20220207T073537Z
x-amz-user-agent: aws-sdk-js/2.769.0 callback

Response headers

Date: Mon, 07 Feb 2022 07:35:38 GMT
Content-Encoding: gzip
x-amzn-RequestId: f8a419b1-1c7b-9981-a2de-d7bb1133d691
Content-Type: application/x-amz-json-1.1
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Connection: keep-alive
Keep-Alive: timeout=65
Content-Length: 246
x-amz-id-2: V8IteuYKai3X5a4tlYQFRFKR+txM3GRD8RpJGzLqazUumOBCvGK9rcXjVUYtdf84X0aAF8J8NjV7iIFL9uwIiBkbvgi/Se6B

OPTIONS
H/1.1 200 /
firehose.ap-southeast-1.amazonaws.com/ Frame 0
0 674ms
161ms Preflight 52.119.184.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.ap-southeast-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.184.70 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Origin: https://www.upmedia.mg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-amzn-RequestId: e6e36cbb-acb9-0618-bc99-a2b1a1f14908
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Access-Control-Allow-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 20
Date: Mon, 07 Feb 2022 07:35:38 GMT
Keep-Alive: timeout=65
Connection: keep-alive

POST
H3 200 rs Show response
ad4m.at/ Frame 9BC9 2 KB
2 KB 54ms
53ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd5052a42ab2a20dd0fe4a4fa07d9b8a13419473e7b93fac40a915f526745f23

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6d9af14ecece375f-MXP
date: Mon, 07 Feb 2022 07:35:38 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mK4T4rMzbt61v5rncG7N1y1YC9pY6l21iMlBkhAgJnAOhxQfpFmEGRG77WXt64NU3LzLqlRe1qBFvNAUh7oCNz5lUPu11KlHu3DpYkp8DSYuigsAl1tzF2zs6c5LcwesD1g%2Bzwo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-2c44

POST
H3 200 rs Show response
ad4m.at/ Frame BD9B 2 KB
2 KB 52ms
51ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 422abaab4fd6f80dd4dac0dfd1900512e37bdefe560de6a6e12921248a82e8c1

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6d9af14eced0375f-MXP
date: Mon, 07 Feb 2022 07:35:38 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBqmjn19i7XS%2BkzTnT52yhIEvEu9YbO0JSXvdGrl7YbJdXddCg9NL0WgzKlwXpuahIKHXDLWeQ%2B7iL1P4yHiwSFnTCqO01MsdNWqjdG%2FAvFQhuD4rrkW2%2BbpLHz70VELZEdRuK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-2c44

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 83ms
56ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Feb 2022 07:35:38 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-2c44
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kBeHNN3H%2BAJeVRf4oh8nGC%2FS6Y7aXNkr%2B%2BiD9HZRo37D3l6pz0G1XwfaA8Ui4Z93PNKuNCkQOn%2BsfhHWGpFZDZLpYbKpanzI6u4tk6ipxHojsKxRCc%2F9YGy00bSTv2fqDnesb0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d9af14e7e48375f-MXP

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 83ms
57ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Feb 2022 07:35:38 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-2c44
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kb%2F1otq%2Bp7q31lxhKhoAZpdGHlWn7plJiUqI2RrAqy3b8IM0wyOCy0qJxIES3WC1idsOzWgL5tWJUvEJ1G8KvUOY90rYTpsqH8NEEudYsqWzXwTkhREUL%2FckFaMiKZO8IJ8rG6k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d9af14e7e4a375f-MXP

GET
H/1.1

200
OK

Vr89rLrLhjCAXTy+eBmRt7SSQFggRbNjn0BVyyIABwoBi3ceXl4eXA== Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/Vr89rLrLhjCAXTy+eBmRt7SSQFggRbNjn0BVyyIABwoBi3ceXl4eXA==?cb=62597628&gdpr=1&gdpr_consent=&us_privacy=1---&pageUrl=https%3A%2F%2Fupmedia.mg&a.ip=217.64.151.7&a...
https://ads-eu.v.ssp.yahoo.com/a/h/Vr89rLrLhjCAXTy+eBmRt7SSQFggRbNjn0BVyyIABwoBi3ceXl4eXA==?cb=62597628&gdpr=1&gdpr_consent=&us_privacy=1---&pageUrl=https%3A%2F%2Fupmedia.mg&a.ip=217.64.151.7&a.ua=...

249 B
528 B

456ms
416ms

XHR
text/xml

3.122.65.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/Vr89rLrLhjCAXTy+eBmRt7SSQFggRbNjn0BVyyIABwoBi3ceXl4eXA==?cb=62597628&gdpr=1&gdpr_consent=&us_privacy=1---&pageUrl=https%3A%2F%2Fupmedia.mg&a.ip=217.64.151.7&a.ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36&lat=59.3247&lon=18.056&scpid=597&hp=1&eov=eov&pi.width=978&pi.height=550&pi.viewable=0&a.y_rid=9402c027-d541-43d3-929c-b9458feab65a&a.is_yahoo=3&redirect_y=dHM9MTY0NDIxOTMzODAzNS4yNzU4Nzk6YXBpZD1VUDhhZDYxMTk2LTg3ZTgtMTFlYy1iNzAyLTAyYTBmOTIzMTMwNDpyZXF1ZXN0X2lkPTk0MDJjMDI3LWQ1NDEtNDNkMy05MjljLWI5NDU4ZmVhYjY1YQ==
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: HTTP/1.1
Server: 3.122.65.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-65-14.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 07 Feb 2022 07:35:38 GMT
content-encoding: gzip
server: ATS/9.1.0.33
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.upmedia.mg
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/Vr89rLrLhjCAXTy+eBmRt7SSQFggRbNjn0BVyyIABwoBi3ceXl4eXA==?cb=62597628&gdpr=1&gdpr_consent=&us_privacy=1---&pageUrl=https%3A%2F%2Fupmedia.mg&a.ip=217.64.151.7&a.ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36&lat=59.3247&lon=18.056&scpid=597&hp=1&eov=eov&pi.width=978&pi.height=550&pi.viewable=0&a.y_rid=9402c027-d541-43d3-929c-b9458feab65a&a.is_yahoo=3&redirect_y=dHM9MTY0NDIxOTMzODAzNS4yNzU4Nzk6YXBpZD1VUDhhZDYxMTk2LTg3ZTgtMTFlYy1iNzAyLTAyYTBmOTIzMTMwNDpyZXF1ZXN0X2lkPTk0MDJjMDI3LWQ1NDEtNDNkMy05MjljLWI5NDU4ZmVhYjY1YQ==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 98ms
97ms Image
text/plain 54.174.237.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=otfMbHyCEyYHdI4uOWB/zxhbucxoQn6+m8LJBgAVn2a+l+sSR8X3jDfYy9IIWZuRZm6jWdwQzRwIPDrhStJtuKkr4iLXzlxVRWDDwWLuQTl816n9ADVEmiMcWGGK9p8ALviYZmOVfaJmr/iNxnVH6F9Y6e2TVgpjobRxKa2b33ZQKO0UC+UgK05Iq/1QDrlZ6u3JdowZczXPV9JUuiaEwD847CaHwVx4oewLQqBcKFKhoHlBPlcIh3i0J1A/u7C+wM2ZCua1Zl8BebX7mVYKVXw7wy3j5clj0sUVnFMJ2ul3zzD9kswaiN/XYuHU6/2y8qMY7XhqMjrtUo468PqO5PogUgDj/UfezHy8l34USDs=&cb=03132259
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.237.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-237-181.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:38 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 97ms
97ms Image
text/plain 54.174.237.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=J1l5m7P1HA0YYnjkZ+4POhhbucxoQn6+m8LJBgAVn2a+l+sSR8X3jDfYy9IIWZuRZm6jWdwQzRwIPDrhStJtuKkr4iLXzlxVRWDDwWLuQTl816n9ADVEmiMcWGGK9p8ALviYZmOVfaJmr/iNxnVH6F9Y6e2TVgpjobRxKa2b33ZQKO0UC+UgK05Iq/1QDrlZ6u3JdowZczXPV9JUuiaEwD847CaHwVx4oewLQqBcKFKhoHlBPlcIh3i0J1A/u7C+ILtp8McPekHGFYjmc3vxUavRyyQ8CLXA7qfR42OjYep3zzD9kswaiN/XYuHU6/2y8qMY7XhqMjrtUo468PqO5PogUgDj/UfezHy8l34USDs=&cb=40506527
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.237.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-237-181.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:38 GMT
server: nginx/1.6.2

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 6D06 7 KB
4 KB 45ms
44ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=EqHinm5zKdG3ma7A1yVwsHQZe4d2jbmo&g=f1ceafe73b833a7269e711ebe4e3737d%2F2800782983793426027&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34srhn3mbd731mtcd1q1f5bdpj1zqes35zbj1h9n7krq8gnphymfr8gw4brvt497epyc58ht7c74bebrp38dqvjqahrwxhg3zvna8en30gp98f0cxc85fvaqyk1saa2p50em8wy88td5sjnzj9fg4khj0adc4zw26da7vzetg4615wb0gx1kccyzcj89d48jccpbmfz3jwcp3vmv9f52z94zefjq8pgvs052mhj6q5bv0dvvp02wd14ag96018vdvgwex4bm164s4pqs6egt6n%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa14829e861296db467dead809a3a112bab4bcb3e619e9248e3d148dbde9de7c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jt0n16w93wybd7k2kezeeky5bzfhnxxy2mfwgk9xtg7s7gkx1k7t97shsf05fffzmtj4j70tz1vt1k3570tajdmegrcxhnck2fayrkvv3qc2py6q0tygf2eym5apt7bqgzwbfcr27qc32jxx2c2z0fy7phk8epkbk1ssbrw8m0h9pp80njn7p6j3cfj8d3as5a9pah7b062d44c3g8w8f3ja01bzea3qve5fvzcz4t8ahszh0k3ndcwehmrzcwndmjtvcy0h8zgmf0680ayjwmyp6ax1dnzeb4dbe3rhmq73awtx7k2ys9z2rqzegzyd5193gv2qqanzq96d06bz7d9578dp0pek0mmg74es2g6xdcc9r162dgrdy8erj08f8je6ebcv866q9qc7yrhtqah8yqk7chxa1q7f6epz3r85smczajw94setdq56zx0g3e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%26client%3Dca-pub-1310852604335254%26adurl%3D

Response headers

date: Mon, 07 Feb 2022 07:35:38 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d9af14f2a7883b5-MXP
content-encoding: br

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 97A1 7 KB
4 KB 41ms
41ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=120&d=600&e=F9SIIBsUtV1cES_dGQedjRwL_dWotX5h&g=6e7ba19df44172886016f50f592e1c41%2F10111569030503391235&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j3vtzmssdbcrnga9td2ek7nnthf24mqx57p010ftag2st1ea8gn4xeggzg33qqwqtyae0gcg3rk57qg4awgjsfnqb3fq0syc44b8d4h110fwd0dccbzrqwn0w5m9ge04k95z4vd3w3m5mn1x3zzy8sn670nnt3kk337nbvt0c9jhah5z03cwpg47z3dae64mztw4t9g6ctjhtyx25ggcgn6a8p6n6y933evypsj34x0sz6ewxs7248t2dvqb42h47nv4hek7msht3vpx2rv3jmk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29a44a78fbbdccc9532915b8c963143900691d86fe08986ea2ee11d6880431ad

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jtv2ys8vmn3hkhm55348wddq7769pzhqxxcaea0vdpzjdcdsptm9ef73e9r5vvzw68rjhp592n44e56fepkmwwvkp5a2yrdvfhew9z3cbdj50w7zk8sqhgtbp4pawkjhfh2sxt0nh91f71v12esetvjcgvvnv09wrxpjq13b7ad2nz7yvqtc0ch8480t285wh58xpvfyqy8v2fnss2hcjc5ds7t6fz3dxeqh7etzwy1zawwdb5yv5xhyxt126x4rw41270pavtqy4t8es9jajjwb7shty4xqymjys9m4c3tz9nz5mzmsrgdk7zz3y3p0s14ktjqsrdz3f49yxperkd94a9ktf05s3eahy4vqtpka4ncqm8mgmevst763zj2xmkgd8af5mbq061j09bptc5wtmq4zpq834as32vwj7mg4x8dee6r5p0tr57z9pkdj040&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%26client%3Dca-pub-1310852604335254%26adurl%3D

Response headers

date: Mon, 07 Feb 2022 07:35:38 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d9af14f2a8183b5-MXP
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 97A1 81 KB
11 KB 29ms
28ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=120&d=600&e=F9SIIBsUtV1cES_dGQedjRwL_dWotX5h&g=6e7ba19df44172886016f50f592e1c41%2F10111569030503391235&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j3vtzmssdbcrnga9td2ek7nnthf24mqx57p010ftag2st1ea8gn4xeggzg33qqwqtyae0gcg3rk57qg4awgjsfnqb3fq0syc44b8d4h110fwd0dccbzrqwn0w5m9ge04k95z4vd3w3m5mn1x3zzy8sn670nnt3kk337nbvt0c9jhah5z03cwpg47z3dae64mztw4t9g6ctjhtyx25ggcgn6a8p6n6y933evypsj34x0sz6ewxs7248t2dvqb42h47nv4hek7msht3vpx2rv3jmk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=120&d=600&e=F9SIIBsUtV1cES_dGQedjRwL_dWotX5h&g=6e7ba19df44172886016f50f592e1c41%2F10111569030503391235&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j3vtzmssdbcrnga9td2ek7nnthf24mqx57p010ftag2st1ea8gn4xeggzg33qqwqtyae0gcg3rk57qg4awgjsfnqb3fq0syc44b8d4h110fwd0dccbzrqwn0w5m9ge04k95z4vd3w3m5mn1x3zzy8sn670nnt3kk337nbvt0c9jhah5z03cwpg47z3dae64mztw4t9g6ctjhtyx25ggcgn6a8p6n6y933evypsj34x0sz6ewxs7248t2dvqb42h47nv4hek7msht3vpx2rv3jmk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:38 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1005032
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 26 Jan 2022 16:25:06 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6d9af14f8b6983b5-MXP
cf-bgj: minify

GET
H2 200 A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame 97A1 15 KB
16 KB 67ms
66ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=120&d=600&e=F9SIIBsUtV1cES_dGQedjRwL_dWotX5h&g=6e7ba19df44172886016f50f592e1c41%2F10111569030503391235&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j3vtzmssdbcrnga9td2ek7nnthf24mqx57p010ftag2st1ea8gn4xeggzg33qqwqtyae0gcg3rk57qg4awgjsfnqb3fq0syc44b8d4h110fwd0dccbzrqwn0w5m9ge04k95z4vd3w3m5mn1x3zzy8sn670nnt3kk337nbvt0c9jhah5z03cwpg47z3dae64mztw4t9g6ctjhtyx25ggcgn6a8p6n6y933evypsj34x0sz6ewxs7248t2dvqb42h47nv4hek7msht3vpx2rv3jmk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date: Mon, 07 Feb 2022 07:35:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386607
cf-polished: origFmt=png, origSize=26777
x-guploader-uploadid: ADPycdvfcAp17sFLL_yvaw3EaXfJGc3JyCJEbdexH5Hf2yleWrO5i--MAviHBa-sIMUx4UPgUbFRcGnYBJldyCBS90NkHWJTyA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15238
last-modified: Tue, 07 Jul 2020 09:20:40 GMT
server: cloudflare
etag: "018a5f3736332bfa050998ec8f72beb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B07jWEb2bbwqHiXz%2BnTYJl8YHH9mnQShEC2m3UBQbPp5vounfUujLJ%2BVA4qRskgy3X9akGpwFV5rDA0r8%2BdM6o8JKmoT%2FKus%2FdWV5CMxrKRLtkd4BnYvd8Toif2e6V64vMKtznmzApHp4Mk7"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594113640078278
content-type: image/webp
expires: Tue, 08 Feb 2022 07:35:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 26777
accept-ranges: bytes
cf-ray: 6d9af14f9b440f86-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
assets.ad4m.at/product_image/ Frame 97A1 382 KB
383 KB 32ms
31ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=120&d=600&e=F9SIIBsUtV1cES_dGQedjRwL_dWotX5h&g=6e7ba19df44172886016f50f592e1c41%2F10111569030503391235&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j3vtzmssdbcrnga9td2ek7nnthf24mqx57p010ftag2st1ea8gn4xeggzg33qqwqtyae0gcg3rk57qg4awgjsfnqb3fq0syc44b8d4h110fwd0dccbzrqwn0w5m9ge04k95z4vd3w3m5mn1x3zzy8sn670nnt3kk337nbvt0c9jhah5z03cwpg47z3dae64mztw4t9g6ctjhtyx25ggcgn6a8p6n6y933evypsj34x0sz6ewxs7248t2dvqb42h47nv4hek7msht3vpx2rv3jmk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=d5mymQ==, md5=bWiWSMa0+LV8pKw7Fyjaew==
date: Mon, 07 Feb 2022 07:35:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 297399
cf-polished: origFmt=png, origSize=588465
x-guploader-uploadid: ADPycdu2bfeJrFqF_0p7Zs5Jyllz02v2slhPnMNMpI8-oa5x7Do6pB7mfq9O-oRk05zhA7gIY6Piahu_uE45LiNC4qM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 391402
last-modified: Fri, 22 Oct 2021 09:31:50 GMT
server: cloudflare
etag: "6d689648c6b4f8b57ca4ac3b1728da7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9t0ZCxZytG7O9zu0K%2FS%2BNpPlKCyEp52VdSHb0GsqpP%2FBbZ9bfyeXG%2FhtnS45Hh%2F9VMEeVVtdbhFti0mCqhjvHDtRbeciJKhTvJzvr%2Fhc52oJ9gajHi8zQPa2C%2B%2B9v0vj50N1ZZP%2BPVvgdL3Q"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634895110632642
content-type: image/webp
expires: Tue, 08 Feb 2022 07:35:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 588465
accept-ranges: bytes
cf-ray: 6d9af14f9b530f86-MXP
cf-bgj: imgq:85,h2pri

GET
H2

200

view.aspx
pb.media01.eu/ Frame 97A1
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidF9SIIBsUtV1cES_dGQedjRwL_dWotX5hasuid__suite_Netmix_Reach09_PRIVATK...
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidF9SIIBsUtV1cES_dGQedjRwL_dWotX5hasuid__suite_Ne...

0
627 B

151ms
113ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidF9SIIBsUtV1cES_dGQedjRwL_dWotX5hasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=

Requested by

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 07 Feb 2022 08:35:37 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 07 Feb 2022 07:35:38 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: D9409707:D516_91EFC182:01BB_6200CBCA_27599B8:1E71D
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/javascript
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidF9SIIBsUtV1cES_dGQedjRwL_dWotX5hasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 97A1 18 KB
19 KB 61ms
60ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=120&d=600&e=F9SIIBsUtV1cES_dGQedjRwL_dWotX5h&g=6e7ba19df44172886016f50f592e1c41%2F10111569030503391235&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j3vtzmssdbcrnga9td2ek7nnthf24mqx57p010ftag2st1ea8gn4xeggzg33qqwqtyae0gcg3rk57qg4awgjsfnqb3fq0syc44b8d4h110fwd0dccbzrqwn0w5m9ge04k95z4vd3w3m5mn1x3zzy8sn670nnt3kk337nbvt0c9jhah5z03cwpg47z3dae64mztw4t9g6ctjhtyx25ggcgn6a8p6n6y933evypsj34x0sz6ewxs7248t2dvqb42h47nv4hek7msht3vpx2rv3jmk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Mon, 07 Feb 2022 07:35:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 389237
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycduQg-M6sV4U0sBD56x4DQ1KFVNtiZQ4Zf8ej23-Tt_Z6w6QtOU9hJCUGetqF5DCN8Wj9xGixnoMEJ99UznyJpM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RI7L8UdBbieI61HllyL3vyhp3EvxzC5P0DjYGSIkU5NU2mzlHxXd45EP65Hu469i%2B5OQVcXoooF6DANTBePiIWkO%2B7SR%2B0hSaINXkptxOtNKtN0bV1t5U9eHYcBqQO1fLog6E4Pa6lKmabK5"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Tue, 08 Feb 2022 07:35:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6d9af14f9b540f86-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 97A1 9 KB
10 KB 62ms
61ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=120&d=600&e=F9SIIBsUtV1cES_dGQedjRwL_dWotX5h&g=6e7ba19df44172886016f50f592e1c41%2F10111569030503391235&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j3vtzmssdbcrnga9td2ek7nnthf24mqx57p010ftag2st1ea8gn4xeggzg33qqwqtyae0gcg3rk57qg4awgjsfnqb3fq0syc44b8d4h110fwd0dccbzrqwn0w5m9ge04k95z4vd3w3m5mn1x3zzy8sn670nnt3kk337nbvt0c9jhah5z03cwpg47z3dae64mztw4t9g6ctjhtyx25ggcgn6a8p6n6y933evypsj34x0sz6ewxs7248t2dvqb42h47nv4hek7msht3vpx2rv3jmk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=FPfkEg==, md5=cNeMaybSTgOMvyODLhu1OA==
date: Mon, 07 Feb 2022 07:35:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 384612
cf-polished: qual=85, origFmt=jpeg, origSize=83479
x-guploader-uploadid: ADPycdsBzHCJID7wgGNwnKSkKi7c9QRYrFjlphAOs_zeAJ0fHjab5tAnt3Rd5tvSj4Ub2af4jqKLZEUHspcqQ18ruc0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9260
last-modified: Mon, 29 Nov 2021 15:03:15 GMT
server: cloudflare
etag: "70d78c6b26d24e038cbf23832e1bb538"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wosCNHrTpjVq%2FIGHBALT734S7a62cNNuZU0NKJ2FfpS625askFwKUwgPK9McOiALU%2F%2FZeDuydInhTZsOOC9cXb96zi6Kc%2BW5scjyug%2Fr9JbmmSsRmmKHSv%2FLHpmzf2hPDeTPJv3f0%2FF%2FopaK"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1638198195167024
content-type: image/webp
expires: Tue, 08 Feb 2022 07:35:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 83479
accept-ranges: bytes
cf-ray: 6d9af14f9b550f86-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 97A1 43 B
702 B 169ms
67ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneideYET3fVfxBVcjHZHet1teW3swSQT81s7Ewoneid__asuidF9SIIBsUtV1cES_dGQedjRwL_dWotX5hasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 07:35:38 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 97A1 38 KB
38 KB 61ms
61ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=120&d=600&e=F9SIIBsUtV1cES_dGQedjRwL_dWotX5h&g=6e7ba19df44172886016f50f592e1c41%2F10111569030503391235&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j3vtzmssdbcrnga9td2ek7nnthf24mqx57p010ftag2st1ea8gn4xeggzg33qqwqtyae0gcg3rk57qg4awgjsfnqb3fq0syc44b8d4h110fwd0dccbzrqwn0w5m9ge04k95z4vd3w3m5mn1x3zzy8sn670nnt3kk337nbvt0c9jhah5z03cwpg47z3dae64mztw4t9g6ctjhtyx25ggcgn6a8p6n6y933evypsj34x0sz6ewxs7248t2dvqb42h47nv4hek7msht3vpx2rv3jmk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Mon, 07 Feb 2022 07:35:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1455924
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdtEpwCkm0BqUV9Y2f7-4_QL2_XjuscrUazIqubw9vO5CJLYjdpQNiZHFQ5tLhEaMywbt_t0YDzDnFb2TFF600I
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=namY9EDKBRQ2f0GbRGJOHUw9AdMMQVmYapQkf1KW8k%2F5BemCUHuh03mQsHBsYQwq9qVW6tjrrRTGsj0Stf2%2F4TQxhLKQSIBrYvIO6lxvGp1Y2xl%2FGSLODjWnEe7yTo%2BOir1N%2FKkAv3cfdEXW"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Tue, 08 Feb 2022 07:35:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 6d9af14f9b570f86-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 97A1 84 KB
84 KB 61ms
61ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=120&d=600&e=F9SIIBsUtV1cES_dGQedjRwL_dWotX5h&g=6e7ba19df44172886016f50f592e1c41%2F10111569030503391235&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j3vtzmssdbcrnga9td2ek7nnthf24mqx57p010ftag2st1ea8gn4xeggzg33qqwqtyae0gcg3rk57qg4awgjsfnqb3fq0syc44b8d4h110fwd0dccbzrqwn0w5m9ge04k95z4vd3w3m5mn1x3zzy8sn670nnt3kk337nbvt0c9jhah5z03cwpg47z3dae64mztw4t9g6ctjhtyx25ggcgn6a8p6n6y933evypsj34x0sz6ewxs7248t2dvqb42h47nv4hek7msht3vpx2rv3jmk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Mon, 07 Feb 2022 07:35:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1455229
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdsR3wmClnbStqlIFGhf2FiTi7ubPfyZEA-InECuOPihrOubIRoiNYK7ZH5V8g1SN9XkZ97OaiQVQpuNKbcOjFI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJjO7zUOytqziGf7E60l4LQQrVsXCOJsQC94nDJUXMcQlw9sQokZgeMSQKLs5JS%2FcpKJY%2BdayfqYSz2Ow6TE3esXDC7FKFmlPorIbYzNYVK9OMhuXv3llsH%2FuT8SOazOOwD60KrKur6pll2J"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Tue, 08 Feb 2022 07:35:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 6d9af14f9b580f86-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 6D06 81 KB
11 KB 46ms
46ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=EqHinm5zKdG3ma7A1yVwsHQZe4d2jbmo&g=f1ceafe73b833a7269e711ebe4e3737d%2F2800782983793426027&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34srhn3mbd731mtcd1q1f5bdpj1zqes35zbj1h9n7krq8gnphymfr8gw4brvt497epyc58ht7c74bebrp38dqvjqahrwxhg3zvna8en30gp98f0cxc85fvaqyk1saa2p50em8wy88td5sjnzj9fg4khj0adc4zw26da7vzetg4615wb0gx1kccyzcj89d48jccpbmfz3jwcp3vmv9f52z94zefjq8pgvs052mhj6q5bv0dvvp02wd14ag96018vdvgwex4bm164s4pqs6egt6n%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=EqHinm5zKdG3ma7A1yVwsHQZe4d2jbmo&g=f1ceafe73b833a7269e711ebe4e3737d%2F2800782983793426027&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34srhn3mbd731mtcd1q1f5bdpj1zqes35zbj1h9n7krq8gnphymfr8gw4brvt497epyc58ht7c74bebrp38dqvjqahrwxhg3zvna8en30gp98f0cxc85fvaqyk1saa2p50em8wy88td5sjnzj9fg4khj0adc4zw26da7vzetg4615wb0gx1kccyzcj89d48jccpbmfz3jwcp3vmv9f52z94zefjq8pgvs052mhj6q5bv0dvvp02wd14ag96018vdvgwex4bm164s4pqs6egt6n%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:38 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1005032
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 26 Jan 2022 16:25:06 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6d9af14f8b6c83b5-MXP
cf-bgj: minify

GET
H2 200 A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame 6D06 15 KB
15 KB 64ms
63ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=EqHinm5zKdG3ma7A1yVwsHQZe4d2jbmo&g=f1ceafe73b833a7269e711ebe4e3737d%2F2800782983793426027&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34srhn3mbd731mtcd1q1f5bdpj1zqes35zbj1h9n7krq8gnphymfr8gw4brvt497epyc58ht7c74bebrp38dqvjqahrwxhg3zvna8en30gp98f0cxc85fvaqyk1saa2p50em8wy88td5sjnzj9fg4khj0adc4zw26da7vzetg4615wb0gx1kccyzcj89d48jccpbmfz3jwcp3vmv9f52z94zefjq8pgvs052mhj6q5bv0dvvp02wd14ag96018vdvgwex4bm164s4pqs6egt6n%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date: Mon, 07 Feb 2022 07:35:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386607
cf-polished: origFmt=png, origSize=26777
x-guploader-uploadid: ADPycdvfcAp17sFLL_yvaw3EaXfJGc3JyCJEbdexH5Hf2yleWrO5i--MAviHBa-sIMUx4UPgUbFRcGnYBJldyCBS90NkHWJTyA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15238
last-modified: Tue, 07 Jul 2020 09:20:40 GMT
server: cloudflare
etag: "018a5f3736332bfa050998ec8f72beb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRSoLxWl1yCwBD7uWq2smBaT%2BQ5hYVLZR7yDIFa0KHXoF%2F58S1axBR%2FCizcwQLF%2FM3R7BFYbsBbl5Za7j3f%2B%2FPowWVJq7obxvUqyYhTGctU35rtbVZpOEK7T8jKUx4ckOdgsL88hgVDCaLj6"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594113640078278
content-type: image/webp
expires: Tue, 08 Feb 2022 07:35:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 26777
accept-ranges: bytes
cf-ray: 6d9af14f9b4a0f86-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
assets.ad4m.at/product_image/ Frame 6D06 382 KB
383 KB 61ms
59ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=EqHinm5zKdG3ma7A1yVwsHQZe4d2jbmo&g=f1ceafe73b833a7269e711ebe4e3737d%2F2800782983793426027&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34srhn3mbd731mtcd1q1f5bdpj1zqes35zbj1h9n7krq8gnphymfr8gw4brvt497epyc58ht7c74bebrp38dqvjqahrwxhg3zvna8en30gp98f0cxc85fvaqyk1saa2p50em8wy88td5sjnzj9fg4khj0adc4zw26da7vzetg4615wb0gx1kccyzcj89d48jccpbmfz3jwcp3vmv9f52z94zefjq8pgvs052mhj6q5bv0dvvp02wd14ag96018vdvgwex4bm164s4pqs6egt6n%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=d5mymQ==, md5=bWiWSMa0+LV8pKw7Fyjaew==
date: Mon, 07 Feb 2022 07:35:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 297399
cf-polished: origFmt=png, origSize=588465
x-guploader-uploadid: ADPycdu2bfeJrFqF_0p7Zs5Jyllz02v2slhPnMNMpI8-oa5x7Do6pB7mfq9O-oRk05zhA7gIY6Piahu_uE45LiNC4qM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 391402
last-modified: Fri, 22 Oct 2021 09:31:50 GMT
server: cloudflare
etag: "6d689648c6b4f8b57ca4ac3b1728da7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLR6TjsLIRwxZzbHLOQpoPwED2qEXN6kxk2bH3iiRs4AZi0JFEc6oAfIJoWwoF7j2el0qorCk0Ohi1of7Cv303xbdGVynCApLhKbtFaRXKnubH3VRAfdBhAUYDuEdmtfQLggpSI7jsX2ExrM"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634895110632642
content-type: image/webp
expires: Tue, 08 Feb 2022 07:35:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 588465
accept-ranges: bytes
cf-ray: 6d9af14f9b5a0f86-MXP
cf-bgj: imgq:85,h2pri

GET
H2

200

view.aspx
pb.media01.eu/ Frame 6D06
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidEqHinm5zKdG3ma7A1yVwsHQZe4d2jbmoasuid__suite_Netmix_Reach09_PRIVATK...
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidEqHinm5zKdG3ma7A1yVwsHQZe4d2jbmoasuid__suite_Ne...

0
200 B

180ms
113ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidEqHinm5zKdG3ma7A1yVwsHQZe4d2jbmoasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=EqHinm5zKdG3ma7A1yVwsHQZe4d2jbmo&g=f1ceafe73b833a7269e711ebe4e3737d%2F2800782983793426027&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34srhn3mbd731mtcd1q1f5bdpj1zqes35zbj1h9n7krq8gnphymfr8gw4brvt497epyc58ht7c74bebrp38dqvjqahrwxhg3zvna8en30gp98f0cxc85fvaqyk1saa2p50em8wy88td5sjnzj9fg4khj0adc4zw26da7vzetg4615wb0gx1kccyzcj89d48jccpbmfz3jwcp3vmv9f52z94zefjq8pgvs052mhj6q5bv0dvvp02wd14ag96018vdvgwex4bm164s4pqs6egt6n%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:37 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 07 Feb 2022 08:35:37 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 07 Feb 2022 07:35:38 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: D9409707:D514_91EFC182:01BB_6200CBCA_27599B9:1E71D
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/javascript
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidEqHinm5zKdG3ma7A1yVwsHQZe4d2jbmoasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 6D06 18 KB
19 KB 61ms
59ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=EqHinm5zKdG3ma7A1yVwsHQZe4d2jbmo&g=f1ceafe73b833a7269e711ebe4e3737d%2F2800782983793426027&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34srhn3mbd731mtcd1q1f5bdpj1zqes35zbj1h9n7krq8gnphymfr8gw4brvt497epyc58ht7c74bebrp38dqvjqahrwxhg3zvna8en30gp98f0cxc85fvaqyk1saa2p50em8wy88td5sjnzj9fg4khj0adc4zw26da7vzetg4615wb0gx1kccyzcj89d48jccpbmfz3jwcp3vmv9f52z94zefjq8pgvs052mhj6q5bv0dvvp02wd14ag96018vdvgwex4bm164s4pqs6egt6n%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Mon, 07 Feb 2022 07:35:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 389237
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycduQg-M6sV4U0sBD56x4DQ1KFVNtiZQ4Zf8ej23-Tt_Z6w6QtOU9hJCUGetqF5DCN8Wj9xGixnoMEJ99UznyJpM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYC6cPkqzzbbVLeP57S2Ff5X1i8QX7v8O8z6oF6dkhAGP%2Bs%2FnT6Vpi%2Bv04Q8zz9SN5ec705r%2FOVoGUsK5ezCxk0F74Uo%2BFTe%2FSLY3te29Q%2BJhjmePUe0FoC7TJ%2BUDP88IcICdVw14a1I7gTU"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Tue, 08 Feb 2022 07:35:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6d9af14f9b610f86-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 6D06 9 KB
9 KB 60ms
58ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=EqHinm5zKdG3ma7A1yVwsHQZe4d2jbmo&g=f1ceafe73b833a7269e711ebe4e3737d%2F2800782983793426027&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34srhn3mbd731mtcd1q1f5bdpj1zqes35zbj1h9n7krq8gnphymfr8gw4brvt497epyc58ht7c74bebrp38dqvjqahrwxhg3zvna8en30gp98f0cxc85fvaqyk1saa2p50em8wy88td5sjnzj9fg4khj0adc4zw26da7vzetg4615wb0gx1kccyzcj89d48jccpbmfz3jwcp3vmv9f52z94zefjq8pgvs052mhj6q5bv0dvvp02wd14ag96018vdvgwex4bm164s4pqs6egt6n%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=FPfkEg==, md5=cNeMaybSTgOMvyODLhu1OA==
date: Mon, 07 Feb 2022 07:35:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 384612
cf-polished: qual=85, origFmt=jpeg, origSize=83479
x-guploader-uploadid: ADPycdsBzHCJID7wgGNwnKSkKi7c9QRYrFjlphAOs_zeAJ0fHjab5tAnt3Rd5tvSj4Ub2af4jqKLZEUHspcqQ18ruc0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9260
last-modified: Mon, 29 Nov 2021 15:03:15 GMT
server: cloudflare
etag: "70d78c6b26d24e038cbf23832e1bb538"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKz%2Bn5lG4kfZtcORwXm0NHYA5TczUKh3y30qJG4kWQ1tYDaTBf7sOoSHTb41YwW4mul92pMs%2B3by6MJKyr7sKE69OpztM2qu0JorA1T%2BKSCUF7j6KhDDvybNJUCzs4fKSHJvg%2FiH7VCWIDkq"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1638198195167024
content-type: image/webp
expires: Tue, 08 Feb 2022 07:35:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 83479
accept-ranges: bytes
cf-ray: 6d9af14f9b620f86-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 6D06 43 B
702 B 168ms
68ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneideYET3fVfxBVcjHZHet1teW3swSQT81s7Ewoneid__asuidEqHinm5zKdG3ma7A1yVwsHQZe4d2jbmoasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=EqHinm5zKdG3ma7A1yVwsHQZe4d2jbmo&g=f1ceafe73b833a7269e711ebe4e3737d%2F2800782983793426027&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34srhn3mbd731mtcd1q1f5bdpj1zqes35zbj1h9n7krq8gnphymfr8gw4brvt497epyc58ht7c74bebrp38dqvjqahrwxhg3zvna8en30gp98f0cxc85fvaqyk1saa2p50em8wy88td5sjnzj9fg4khj0adc4zw26da7vzetg4615wb0gx1kccyzcj89d48jccpbmfz3jwcp3vmv9f52z94zefjq8pgvs052mhj6q5bv0dvvp02wd14ag96018vdvgwex4bm164s4pqs6egt6n%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 07:35:38 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 6D06 38 KB
38 KB 61ms
60ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=EqHinm5zKdG3ma7A1yVwsHQZe4d2jbmo&g=f1ceafe73b833a7269e711ebe4e3737d%2F2800782983793426027&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34srhn3mbd731mtcd1q1f5bdpj1zqes35zbj1h9n7krq8gnphymfr8gw4brvt497epyc58ht7c74bebrp38dqvjqahrwxhg3zvna8en30gp98f0cxc85fvaqyk1saa2p50em8wy88td5sjnzj9fg4khj0adc4zw26da7vzetg4615wb0gx1kccyzcj89d48jccpbmfz3jwcp3vmv9f52z94zefjq8pgvs052mhj6q5bv0dvvp02wd14ag96018vdvgwex4bm164s4pqs6egt6n%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Mon, 07 Feb 2022 07:35:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1455924
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdtEpwCkm0BqUV9Y2f7-4_QL2_XjuscrUazIqubw9vO5CJLYjdpQNiZHFQ5tLhEaMywbt_t0YDzDnFb2TFF600I
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guabY8mz70l3uPgNl8%2Ba0w8m41w%2FzpqYkG4IZATsObDWgcgkvuypcRWtX1mKEZ049hbDnhnmbgReGCq4AghbpKIYBC6Yl6dG8tX8QjA%2FvFQwgWt6ZwxHpQTXNDMRmZ72S%2FePYRhp7kKIdA4M"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Tue, 08 Feb 2022 07:35:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 6d9af14fbb8b0f86-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 6D06 84 KB
84 KB 61ms
60ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=EqHinm5zKdG3ma7A1yVwsHQZe4d2jbmo&g=f1ceafe73b833a7269e711ebe4e3737d%2F2800782983793426027&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34srhn3mbd731mtcd1q1f5bdpj1zqes35zbj1h9n7krq8gnphymfr8gw4brvt497epyc58ht7c74bebrp38dqvjqahrwxhg3zvna8en30gp98f0cxc85fvaqyk1saa2p50em8wy88td5sjnzj9fg4khj0adc4zw26da7vzetg4615wb0gx1kccyzcj89d48jccpbmfz3jwcp3vmv9f52z94zefjq8pgvs052mhj6q5bv0dvvp02wd14ag96018vdvgwex4bm164s4pqs6egt6n%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Mon, 07 Feb 2022 07:35:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1455229
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdsR3wmClnbStqlIFGhf2FiTi7ubPfyZEA-InECuOPihrOubIRoiNYK7ZH5V8g1SN9XkZ97OaiQVQpuNKbcOjFI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQ5lGu%2FvuH6iWNwRUmcb0GNYi7A8dzUOQjuEI0mTGGqw52BUcyeQL0q3hLup%2F2yE2h7X9Sg%2BYlr4WZ4f13MF4u%2Bhih1psnoiFMXccRBm6miFYqG5YuAdLnGG3Jjaj1HhDRYorsorZ%2Bi6W6cB"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Tue, 08 Feb 2022 07:35:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 6d9af14fbb8f0f86-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 97A1 1 KB
2 KB 292ms
131ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hy9bzbfrg8537xea6b2v5rkrameqet15c1n5x8a3snr16kmfdd02evhrak2zf8w22asdzffvp9zcwdax6kmxeg8gz1hqmws632s6pshx9knmw3s9jh6jwk51h6grj0f4mfnppke41qnv1fv9p8gd5nqcj9g183qzv0xyqf1gwqefpvrmwa961wwqd7ja5a8pwqas0trfzekte3ngdksz6e9e5t6a5br56tee3xyze25kvqf8fqyzy00nq0qk5pkmq3pq1xb75g3811a9ht97h7zpfwtz09z3pet1e87az5a9mctfnp4e%26a%3D&clickref=oneidP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73Aoneid__asuidF9SIIBsUtV1cES_dGQedjRwL_dWotX5hasuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4Roneid__asuidF9SIIBsUtV1cES_dGQedjRwL_dWotX5hasuid__suite_Netmix_Reach09_PRIVATKREDIT
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=120&d=600&e=F9SIIBsUtV1cES_dGQedjRwL_dWotX5h&g=6e7ba19df44172886016f50f592e1c41%2F10111569030503391235&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j3vtzmssdbcrnga9td2ek7nnthf24mqx57p010ftag2st1ea8gn4xeggzg33qqwqtyae0gcg3rk57qg4awgjsfnqb3fq0syc44b8d4h110fwd0dccbzrqwn0w5m9ge04k95z4vd3w3m5mn1x3zzy8sn670nnt3kk337nbvt0c9jhah5z03cwpg47z3dae64mztw4t9g6ctjhtyx25ggcgn6a8p6n6y933evypsj34x0sz6ewxs7248t2dvqb42h47nv4hek7msht3vpx2rv3jmk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: b4dc6c436b230432acc620cf498374ec82ef0aa89a3b8e0dec06cc814d2a3181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 07:35:38 GMT
Last-Modified: Mon, 07 Feb 2022 07:35:38 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1464
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 6D06 1 KB
2 KB 301ms
136ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kss8fdwd0rpc26ja1qjtbeh2d6sx0vjes70z9vgxarxhhytfn6v3nnr9t2azwggjey2ef561ebxzq2beqv9r35yyaesdb5ggy2x83pmabhhagcykwyawjm1sb58z56e52932gj885dtrm763qx740xq4e3sf7p5tk2f3yyta6yhvzksag9bqw8agecevmm8yrfdr2a68x9983nf4swe4y868w96jhpxn55gfv88qmcfr7hsga3rxv9325asd4afgz0rby72bhdnfxkv8b1gvcdkn9yzhx4gnd42j6ehqb7grs5jwa9g%26a%3D&clickref=oneidP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73Aoneid__asuidEqHinm5zKdG3ma7A1yVwsHQZe4d2jbmoasuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4Roneid__asuidEqHinm5zKdG3ma7A1yVwsHQZe4d2jbmoasuid__suite_Netmix_Reach09_PRIVATKREDIT
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=EqHinm5zKdG3ma7A1yVwsHQZe4d2jbmo&g=f1ceafe73b833a7269e711ebe4e3737d%2F2800782983793426027&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34srhn3mbd731mtcd1q1f5bdpj1zqes35zbj1h9n7krq8gnphymfr8gw4brvt497epyc58ht7c74bebrp38dqvjqahrwxhg3zvna8en30gp98f0cxc85fvaqyk1saa2p50em8wy88td5sjnzj9fg4khj0adc4zw26da7vzetg4615wb0gx1kccyzcj89d48jccpbmfz3jwcp3vmv9f52z94zefjq8pgvs052mhj6q5bv0dvvp02wd14ag96018vdvgwex4bm164s4pqs6egt6n%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 17d21e03f410ca5abbd70c83687c96768a873e35a86c69a99aba6e0f14eb0df0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 07:35:38 GMT
Last-Modified: Mon, 07 Feb 2022 07:35:38 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1442
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 upmedia.js Show response
avivid.likr.tw/sample/before_page/ 4 KB
968 B 52ms
47ms Script
text/javascript 2606:4700:10::6816:2a5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/sample/before_page/upmedia.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2a5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1401992f2de25018f3ba6db7a52c76dba5904e3a8381e83a2bb6fef5eb25ea06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4450
last-modified: Fri, 28 Jan 2022 08:22:57 GMT
server: cloudflare
etag: W/"660008-1178-5d6a0246e9df5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 6d9af150aef659e3-MXP
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H/1.1 200
OK impstats.php Show response
prebid.andbeyond.media/ 68 B
297 B 971ms
201ms XHR
text/html 52.76.199.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.andbeyond.media/impstats.php?aff=551817&type=pv
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-551817.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.199.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-199-242.ap-southeast-1.compute.amazonaws.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c55a101364d331430c4ba7388d8842f29cdf1546a4d497b235d02c86637a3247

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 07 Feb 2022 07:35:39 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
X-Powered-By: PHP/5.3.3
Content-Length: 68
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 97A1 51 KB
51 KB 62ms
7ms Script
application/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hy9bzbfrg8537xea6b2v5rkrameqet15c1n5x8a3snr16kmfdd02evhrak2zf8w22asdzffvp9zcwdax6kmxeg8gz1hqmws632s6pshx9knmw3s9jh6jwk51h6grj0f4mfnppke41qnv1fv9p8gd5nqcj9g183qzv0xyqf1gwqefpvrmwa961wwqd7ja5a8pwqas0trfzekte3ngdksz6e9e5t6a5br56tee3xyze25kvqf8fqyzy00nq0qk5pkmq3pq1xb75g3811a9ht97h7zpfwtz09z3pet1e87az5a9mctfnp4e%26a%3D&clickref=oneidP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73Aoneid__asuidF9SIIBsUtV1cES_dGQedjRwL_dWotX5hasuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4Roneid__asuidF9SIIBsUtV1cES_dGQedjRwL_dWotX5hasuid__suite_Netmix_Reach09_PRIVATKREDIT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 4791
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 07 Feb 2022 06:15:48 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: L_cla2nwxgUsL_zVWFIFFnVzzoHg3LVq3ILqWCW_IRK0cl1-jvUuDA==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 97A1 85 KB
85 KB 83ms
30ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4Roneid__asuidRWX4Nmqc1W58xXqno6y0x61ykTQa6pqsasuid__suite_Netmix_Reach09_PRIVATKREDIT&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=120&d=600&e=F9SIIBsUtV1cES_dGQedjRwL_dWotX5h&g=6e7ba19df44172886016f50f592e1c41%2F10111569030503391235&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j3vtzmssdbcrnga9td2ek7nnthf24mqx57p010ftag2st1ea8gn4xeggzg33qqwqtyae0gcg3rk57qg4awgjsfnqb3fq0syc44b8d4h110fwd0dccbzrqwn0w5m9ge04k95z4vd3w3m5mn1x3zzy8sn670nnt3kk337nbvt0c9jhah5z03cwpg47z3dae64mztw4t9g6ctjhtyx25ggcgn6a8p6n6y933evypsj34x0sz6ewxs7248t2dvqb42h47nv4hek7msht3vpx2rv3jmk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC0IZ2ycsAYrvHBNbq3wPNrKBYkOGBhFy2qMKK8ALAjbcBEAEgAGCVmpKCoAeCARdjYS1wdWItMTMxMDg1MjYwNDMzNTI1NKABwq7o3QPIAQmpAoXvA8HONbM-4AIAqAMBqgSlAk_Qk-4K5xG8OaehGRAiv-1-TuMpvBFJvwsRKS4HJzWR27O9GFaU7Ol7N9XpFjIxDq9nIrhz2tWfok_SLmXixyyjMO_xNYd9RAm6BRjgdFjAu4dV1RKalCM2LajtUzUCQS-EHQBRLH6vfLxKSk851K6el9gHY_NLYj8iltR9odj7_P6VteGEFVvJZPvTYXTts2viKUmwoSdRPwPRX5HUplpkeuH-rblxPFwVsTo0tgtzv1FyXj7RP9EOnEBY_d04cwYR8IRG7AkVEX8qfusSiRpmL_aKor3xB3xVozOFQvcMsK5tebrBvpMF_j3R_qRfh8sE13puPFF3p4Nc1BJJg8gNZn_wAnv9fhSkv1d4dEGcFUOyRuG8LhFLHIoThYs_U1mq2DVs4AQBgAb-tNCS3Jaevb0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0abY8oaaCAEsGi3oTn1r3DrRSs8Q%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 07:35:38 GMT
Last-Modified: Mon, 07 Feb 2022 07:35:38 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 98ms
98ms Image
text/plain 54.174.237.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=otfMbHyCEyYHdI4uOWB/zxhbucxoQn6+m8LJBgAVn2a+l+sSR8X3jDfYy9IIWZuRZm6jWdwQzRwIPDrhStJtuKkr4iLXzlxVRWDDwWLuQTl816n9ADVEmiMcWGGK9p8AUPKI5SDRUkGz2H3B3xSgMszDDUWFLtp0xINhvsnKvKJQKO0UC+UgK05Iq/1QDrlZ/L+otpJQt2Fp8LQ3a7XMWD3Zlm0qm2JrOTYJwHHnUjV8O1X+ZrvGZdnaYXEz966799JyL8jZ5wOx9xThYq56Jhdx2TrLQ3zb9R0KM0GHl8X/Wvg+Mhx7qFNFv40SZaPtjtp0Q1/zQDl+a9hnKox+v5obJwgM6lTgkc9KD3lWenk=&cb=98497091
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.237.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-237-181.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:38 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 19ms
19ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.upmedia.mg

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.upmedia.mg

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 100ms
99ms Image
text/plain 54.174.237.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=J1l5m7P1HA0YYnjkZ+4POhhbucxoQn6+m8LJBgAVn2a+l+sSR8X3jDfYy9IIWZuRZm6jWdwQzRwIPDrhStJtuKkr4iLXzlxVRWDDwWLuQTl816n9ADVEmiMcWGGK9p8AUPKI5SDRUkGz2H3B3xSgMszDDUWFLtp0xINhvsnKvKJQKO0UC+UgK05Iq/1QDrlZ/L+otpJQt2Fp8LQ3a7XMWD3Zlm0qm2JrOTYJwHHnUjV8O1X+ZrvGZdnaYXEz9667v0uPNXfbX+N9CbsjJMvg89sKyxMcBAwV/1VP+m9mVD7/Wvg+Mhx7qFNFv40SZaPtjtp0Q1/zQDl+a9hnKox+v5obJwgM6lTgkc9KD3lWenk=&cb=07290965
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.237.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-237-181.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:38 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 39F8 156 B
145 B 195ms
195ms XHR
text/xml 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C303462569%2Fvideo_1%2Fupmedia.mg_desktop&description_url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&tfcd=0&npa=1&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=59349068970966&vad_type=linear&vpa=auto&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=44d&adk=2932035276&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=115DAB05-E74B-499A-88A6-7A3A4C9F348D&nel=0&eid=44725355%2C44756710&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&dlt=1644219335373&idt=2380&dt=1644219338506&cookie=ID%3Df4b1e5fd6938a7f7%3AT%3D1644219335%3AS%3DALNI_MYKsCnRkBuOSFwb4msn5mnwUpqdbg&scor=1660247087606424&ged=ve4_td4_tt2_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 6D06 51 KB
51 KB 41ms
14ms Script
application/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kss8fdwd0rpc26ja1qjtbeh2d6sx0vjes70z9vgxarxhhytfn6v3nnr9t2azwggjey2ef561ebxzq2beqv9r35yyaesdb5ggy2x83pmabhhagcykwyawjm1sb58z56e52932gj885dtrm763qx740xq4e3sf7p5tk2f3yyta6yhvzksag9bqw8agecevmm8yrfdr2a68x9983nf4swe4y868w96jhpxn55gfv88qmcfr7hsga3rxv9325asd4afgz0rby72bhdnfxkv8b1gvcdkn9yzhx4gnd42j6ehqb7grs5jwa9g%26a%3D&clickref=oneidP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73Aoneid__asuidEqHinm5zKdG3ma7A1yVwsHQZe4d2jbmoasuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4Roneid__asuidEqHinm5zKdG3ma7A1yVwsHQZe4d2jbmoasuid__suite_Netmix_Reach09_PRIVATKREDIT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 4791
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 07 Feb 2022 06:15:48 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: jZEasjCUK-CH_awNWxdHkydXNYUxNrEmVPnPIrUhK4LPa436-lPUIw==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 6D06 85 KB
85 KB 80ms
30ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidQb4f4fjfqPkt4C5HYtGtZgzs6S4TxFVoneid__asuid5j7NsTcvP012_m6GBu3cxpyj_ZbPifLPasuid__Stroeer_RONmobile_300x250&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=EqHinm5zKdG3ma7A1yVwsHQZe4d2jbmo&g=f1ceafe73b833a7269e711ebe4e3737d%2F2800782983793426027&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1644219338070&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k34srhn3mbd731mtcd1q1f5bdpj1zqes35zbj1h9n7krq8gnphymfr8gw4brvt497epyc58ht7c74bebrp38dqvjqahrwxhg3zvna8en30gp98f0cxc85fvaqyk1saa2p50em8wy88td5sjnzj9fg4khj0adc4zw26da7vzetg4615wb0gx1kccyzcj89d48jccpbmfz3jwcp3vmv9f52z94zefjq8pgvs052mhj6q5bv0dvvp02wd14ag96018vdvgwex4bm164s4pqs6egt6n%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClVamyMsAYq6YN6To3gOYjpjwBJDhgYRctqjCivACwI23ARABIABglZqSgqAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAcKu6N0DyAEJqQKF7wPBzjWzPuACAKgDAaoEpQJP0JCEpPGIJ7jB00bJrP6oSrBGAdp5WC1pQw-ci5OsDQrI2VHE9rv69KgBmqiV8XedDQH5qpMVpCGbCO9O4G1gLaUbr9z4-1mOTVO4gPh2qAdt-4ebpO8SjTsjud8845x3Ujayog7zxL05AMlnpjPkG8CFZZ9uJu7mddnqRHUMXfu0386lk8kLSVCePDG3OEb50tjSWMtnvRHiWAKsNa23AqQtNATJj0XBqoD3ra6vnEg04uIXi-G_x8Qbih1Lgb-0vRN9izVLpllW1CdHpoJ_9KPwjaOmajwJzve2MySS_8OUaNbwaXeSA1GiByoqE26gp-nRI9ZxiIaDIC408zPrODSVlrBgVxbtP5UX05xETsnURccWKWUm3QJs3iQCV3RLIOExBuAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0k1Lt8jKl_w6dRhR5XQDSMjPNZZA%252526client%25253Dca-pub-1310852604335254%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 07:35:38 GMT
Last-Modified: Mon, 07 Feb 2022 07:35:38 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 25EF 42 B
64 B 58ms
41ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTs9m7Ygars5VzqsgQzDcNIDsFOvdSR94uLagP22w3ErFb-UlBGEcpLIOkxxp9SmptDeyWdTaAu9nqQPt06hkF6w&sig=Cg0ArKJSzDYuikYaIJuDEAE&cid=CAASF-RorWyKO3uU7F6bVmP4Ywl8dQf6sTDG&id=lidar2&mcvt=1000&p=323,1185,573,1485&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=647807112&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644219337185&rpt=447&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A872 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqNSqCBiJANP3V5y2Iud5AUPKZG9ZUdDqjFhgHGg3ziFWHxY7tv_GNSBQnao5g9LrHY1bwyjq7_dZnZxt0x5kYxw&sig=Cg0ArKJSzJuYdQ6pDdFPEAE&cid=CAASF-RoEEz72xkr3mgEQSKN4XBkfaQJyf4l&id=lidar2&mcvt=1000&p=596,1185,1196,1305&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3997564383&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644219337547&rpt=138&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 27ms
27ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87543d1da4519be0b4f45e186cf920bf53ea32c739199b7349052f8debe10d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9906
x-xss-protection: 0

GET
H3 200 like.php Show response
www.facebook.com/v2.12/plugins/ Frame 019F 35 KB
13 KB 77ms
67ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36c5401acc27e%26domain%3Dwww.upmedia.mg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.upmedia.mg%252Ff7ad06fe50cb34%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fwww.facebook.com%2FUPMEDIA.MG%2F%3Ffref%3Dts&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=b6fad95bc4b7236770f9050b97a62cd8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

507a19ae6989fd73b8c9524defd67e2067826678655bb73a195b1b89cccc9d8b

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
x-fb-rlafr: 0
document-policy: force-load-at-top
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v6.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: iz6YA3i2ZzC1KY/6tgzbH1PgzGNTSSB6D8EjVJILRZ8ipw6kbxRsxzEeUCRif0TZmFLNYYVATRcYlnHCG8cCQw==
date: Mon, 07 Feb 2022 07:35:39 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame CA4E
Redirect Chain

https://www.facebook.com/v2.12/plugins/comments.php?app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afc708ae4750c%26domain%3...
https://www.facebook.com/plugins/comments.php?app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afc708ae4750c%26domain%3Dwww.u...
https://www.facebook.com/plugins/feedback.php?app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afc708ae4750c%26domain%3Dwww.u...

132 KB
30 KB

3229ms
3229ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afc708ae4750c%26domain%3Dwww.upmedia.mg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.upmedia.mg%252Ff7ad06fe50cb34%26relation%3Dparent.parent&container_width=978&height=100&href=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&locale=zh_TW&numposts=5&sdk=joey&version=v2.12&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=b6fad95bc4b7236770f9050b97a62cd8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39f5f2a1a942b402320f5119fabd30be57d0fe61b9ac02f16b6218d9d278c97b

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: iGvWncS2adH7wZFtsHUi0PGZRSFQM+72HTiti7K4AfaJgLo2z+Zlwxj/Sqxv3guaHtgcGfHxOjYWYcIHp1UDWQ==
date: Mon, 07 Feb 2022 07:35:42 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afc708ae4750c%26domain%3Dwww.upmedia.mg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.upmedia.mg%252Ff7ad06fe50cb34%26relation%3Dparent.parent&container_width=978&height=100&href=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&locale=zh_TW&numposts=5&sdk=joey&version=v2.12&width
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: TBc5liOL5YbFHMkthLZkflz6WRq3jhfCEVZCtC+pfOfzqkP0hCAiSnVygESz8a2USTCrFoBVZ2r77ebDOsDtFg==
content-length: 0
date: Mon, 07 Feb 2022 07:35:39 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0

GET
H3

200

/
www.facebook.com/login/ Frame 00F7
Redirect Chain

https://www.facebook.com/v2.12/plugins/page.php?adapt_container_width=true&app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df14...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D125239581431127%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

168ms
168ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D125239581431127%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df149a435beeab44%2526domain%253Dwww.upmedia.mg%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.upmedia.mg%25252Ff7ad06fe50cb34%2526relation%253Dparent.parent%26container_width%3D300%26height%3D715%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUPMEDIA.MG%252F%253Ffref%253Dts%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=b6fad95bc4b7236770f9050b97a62cd8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: XaI0ohEqsIaCNROCCZvRtD3ddl++ocQPIHDokvYQ7rnca7XxAj1c/UWm0ANrtjJkUHQ9lKfTKxYrb89qdiy85A==
date: Mon, 07 Feb 2022 07:35:39 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D125239581431127%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df149a435beeab44%2526domain%253Dwww.upmedia.mg%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.upmedia.mg%25252Ff7ad06fe50cb34%2526relation%253Dparent.parent%26container_width%3D300%26height%3D715%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUPMEDIA.MG%252F%253Ffref%253Dts%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline
x-fb-rlafr: 0
document-policy: force-load-at-top
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v6.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: O2HGr93qOEVG/6LeF6TxzzZJWdjG5isQ9pn47Zn42vdbU7bmXrTUF502ha6oTkxPfw4SoyG5xvCo+DQT2cXAbA==
content-length: 0
date: Mon, 07 Feb 2022 07:35:38 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 07:35:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D240 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Feb 2022 18:44:34 GMT
expires: Mon, 06 Feb 2023 18:44:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 46265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 22B6 783 B
534 B 17ms
17ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

81e61bca44ce704ce0bcc94b5af8f54a474b74d5ef8c4f49f97779b2d23ca161

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rF/qQSVZSaZzsb2boAcv7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 07 Feb 2022 07:35:39 GMT
date: Mon, 07 Feb 2022 07:35:39 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-rF/qQSVZSaZzsb2boAcv7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js Show response
pagead2.googlesyndication.com/bg/ Frame D240 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 163150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 10:16:29 GMT

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 019F 400 B
825 B 7ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36c5401acc27e%26domain%3Dwww.upmedia.mg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.upmedia.mg%252Ff7ad06fe50cb34%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fwww.facebook.com%2FUPMEDIA.MG%2F%3Ffref%3Dts&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:39 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 400
x-fb-rlafr: 0
x-fb-debug: 5OFZjhOqAQTtMG4YUx+AY6I6OTnK2TAloUhPGshclisk8+vueATU2ceNyIuFCY8XuYnDYZQGOKCJZyndUYP/Gw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 Jan 2023 03:21:21 GMT

GET
H2 200 0Y4Rhm_-9wT.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUNC4/yJ/l/zh_TW/ Frame 019F 520 KB
136 KB 22ms
7ms XHR
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yJ/l/zh_TW/0Y4Rhm_-9wT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fbeb7dffd2901499dff2d98c2e9ed89996a5f276b2b4a3224f4db87a9606b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ROBh84TXUdloHUpfA2RRuw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 138925
x-fb-rlafr: 0
x-fb-debug: P6a+YdCLKbe4fzmL5Kw3mUbpzjqdypap1BBfiDM9fFWL/NFISU1g7w2sGebY97IXBQ7Pa3nWArEz42U8wGyeDQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 03 Feb 2023 03:26:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 22B6 0
0 63ms
62ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020101&jk=2835779083117571&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H/1.1 204
No Content request
ssp.tenmax.io/supply/tracking/ 0
206 B 307ms
306ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/request?bid=8bdf6a80-87e8-11ec-b501-8f82c9fddd8e&chid=4adfbfaea5ce46ac&sid=5fa8b4358fde4db0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.hinet-ip.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 07:35:39 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 204
No Content done
ssp.tenmax.io/supply/tracking/ 0
206 B 305ms
305ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/done?bid=8bdd6eb1-87e8-11ec-b501-8f82c9fddd8e
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.hinet-ip.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 07:35:39 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 204
No Content done
ssp.tenmax.io/supply/tracking/ 0
206 B 624ms
319ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/done?bid=8bde0af0-87e8-11ec-b501-8f82c9fddd8e
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.hinet-ip.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 07:35:39 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 204
No Content done
ssp.tenmax.io/supply/tracking/ 0
206 B 631ms
324ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/done?bid=8bdef550-87e8-11ec-b501-8f82c9fddd8e
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.hinet-ip.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 07:35:39 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.upmedia.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 07:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.upmedia.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 07:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
11 KB 310ms
310ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2835779083117571&correlator=3610366848041844&output=ldjh&impl=fifs&eid=31061814%2C31064671%2C31064019%2C31062930&vrg=2022020101&ptt=17&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=37275962%2Crmaxspace%2C5fa8b4358fde4db0&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&prev_scp=adx_region%3DTWN%26line_item_type%3DadExchange&eri=4&cookie=ID%3Df4b1e5fd6938a7f7%3AT%3D1644219335%3AS%3DALNI_MYKsCnRkBuOSFwb4msn5mnwUpqdbg&bc=31&abxe=1&dt=1644219339464&lmt=1644219339&dlt=1644219335373&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=798&adys=8028&adks=2221901601&ucis=b&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&vis=1&scr_x=0&scr_y=0&psz=937x966&msz=305x0&ga_vid=501655294.1644219336&ga_sid=1644219336&ga_hid=660759529&ga_fc=true&fws=0&ohw=0&btvi=4&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8f6c161e6bdd3cb70544349f6fef7294814ce998ca62844a15a3840085389ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11004
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upmedia.mg
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 97A1 16 B
232 B 87ms
86ms Fetch
application/json 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Feb 2022 07:35:39 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 106ms
25ms Preflight 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Feb 2022 07:35:39 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 6D06 16 B
232 B 111ms
111ms Fetch
application/json 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Feb 2022 07:35:39 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 81ms
29ms Preflight 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Feb 2022 07:35:39 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 019F 67 B
100 B 31ms
30ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1644219339038&t_start=1644219339038&t_domcontent=1644219339061&t_layout=1644219339679&t_onload=1644219339679&t_paint=1644219339679&t_creport=1644219339679&t_tti=1644219339061&lid=7061868284252190347-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36c5401acc27e%26domain%3Dwww.upmedia.mg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.upmedia.mg%252Ff7ad06fe50cb34%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fwww.facebook.com%2FUPMEDIA.MG%2F%3Ffref%3Dts&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: Z437E3x+oxXMN2VDOll6BiRDXTsEWXoFeBfcMHl5ESHsGb33JVgvSTqbZ5+L27+gdWn4LtpwAh1gpNL/RodpXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 07 Feb 2022 07:35:39 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D240 0
9 B 8ms
7ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dNrEaA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020101&jk=2835779083117571&bg=!RkWlRQHNAAYZkRhwGZE7ACkAdvg8WiFZf3FsAOPBTGhZT7FLLeGlKN_90_mJHvtodIqVnG2jj4CuNQIAAAKqUgAAAANoAQcKACiNlhOHR1ZAqZOUWqS2B-UG52sdyXNZntHL60NmTQh7ZG61La66HBPimQLMJtdjYmyHVettqlGr7cf4yjib37dzoa_GuYY2xaBhX2K84zJuqJ0ci_YjG0vqyESgG8yXbjCAlZykq1LpGU6d485B5bELOTQu-938-6drdQ4pZSCuytKzIowHMPJdj39cGseL4kd4AEJkcDZ8L61rLCEXafcXSaLVYJK9NXCS_6TQ40lwdk8nuLcnaIbRRoiDPIz4tJqgMr8hdOCAGUptgBRNRLl345WE3IgsPXOniQP-0Lz4vz7IeDDXiB1XR1f6dhaAqNqx8jT_VguLJqQg1TXUysNjPLpWgHi-3YWcUMtMYAAz2ge_Cu6KdxsS7Ca0GES9j_StB82TaXis9172Qx_idaaLPsLkD966Ej_sae6XZFFCtY_YfJAQmj6qdc3AnAj663x07k0p5yRoE3N_r-02XKMBZGrscE850BfQHQlxJkkwjIllEWMLO-hcXRSb4JQB48s-IoInHgg7dcPDeMZGBQ4sfnAd4rKd-WsTtmV5EfgWw8hMmZB6H5l2bEBMBGXdgs5yfIagqJFCqgGCPWnhmWtiSwGXY0CdtTet4quelWxYMOi6goHHORO6MFQ-45iEDbAMWCyK01IGVNoolTFaOopLb5rmogLgEe7Zl8xeChdPUFqgShNCVQP6uQntsqk1lAwBLQuheRwbvPNmU7ILbJpOKrDgNTRS8_1cei7b50kGo-qRtW01ic6rINFS_mShe2V8OfM7xVISmYxqEGBO20JCFTT1rF_KrhxywBQQY_jIcAgoRMIiNkuXPwedt4yzd33-hucwQ5Eq4wcRGu-yvZDguI7iD0zcR4GnxZNFZZU1Nc0INX2cD-V3OOBHuWxiZ_ZXfRn2ijNaUuWrutonFyrN78bbnNkW016USA3Py0xT5xEsDAYhjuGXYt1kUvohn_DXwoHXH-JTw_8_5pPTBP2hBn7ctQT0w5OBF-jS-8qH_DBRc4WW8OM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012201141909000/ Frame E666 220 KB
61 KB 68ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 307461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61542
x-xss-protection: 0
server: sffe
date: Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00d9ef7efeb287da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Feb 2023 18:11:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame E666 16 KB
6 KB 78ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 307461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
server: sffe
date: Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "919adc590e0ff503"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Feb 2023 18:11:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame E666 96 KB
29 KB 79ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 307461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
server: sffe
date: Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c52208c2e07002d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Feb 2023 18:11:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame E666 5 KB
2 KB 89ms
34ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 307461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851
x-xss-protection: 0
server: sffe
date: Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76a8c96b6aaec2c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Feb 2023 18:11:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame E666 42 KB
13 KB 91ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 307461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13611
x-xss-protection: 0
server: sffe
date: Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7aefe3fe93cc7383"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Feb 2023 18:11:18 GMT

GET
DATA 200
OK truncated
/ Frame E666 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 686bf47f13cf623a6c794e60f72c31709c3fefdfc9ac0427c4e66dba1807522c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 01olz4kLrBBbbWVVu7oIgnD5KjY6x8E38rjKx1ez9Z5FuZwsY_Qsf3vmY2IBavBS72AsRY_DR4zmnomcxEPdxbIcVJu6wZ-HYC8qfDaEzw-vEw1uLuavx03ZXb0YnmHh5FBML0CeNhqMufeB8l5K5tzhnEZbkq6kr0O3vNpBI9blJ_YIN7jeMDuwH_cFtQ=w1200-...
lh3.googleusercontent.com/proxy/ Frame E666 297 KB
297 KB 63ms
10ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/01olz4kLrBBbbWVVu7oIgnD5KjY6x8E38rjKx1ez9Z5FuZwsY_Qsf3vmY2IBavBS72AsRY_DR4zmnomcxEPdxbIcVJu6wZ-HYC8qfDaEzw-vEw1uLuavx03ZXb0YnmHh5FBML0CeNhqMufeB8l5K5tzhnEZbkq6kr0O3vNpBI9blJ_YIN7jeMDuwH_cFtQ=w1200-h627-rp-pd

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3ba9bc87468945de75738afa5b8b5a22a20d8e46f22e40e6b55a8a88d9d032bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 05:53:31 GMT
x-content-type-options: nosniff
server: fife
age: 6128
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 303875
x-xss-protection: 0
expires: Tue, 08 Feb 2022 05:53:31 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E666 0
0 54ms
49ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2-Rhy8sAYo34Hpnw3gP6zIioCu-7oulmjdfv1p8MrtT-4JgWEAEgyqbfJWCVmpKCoAegAdKf8NsDyAEGqQKF7wPBzjWzPuACAKgDAcgDCqoEkwJP0KMZdOBR9_AuDF9V9tYPXPs421yYWK12DQIRxsTmfK7MZq6A0F4O11OOqfclRaL1BL-mesxbQAnrsTFWI0rujAQlWuMCOGknAWmLdbgmlD9gjInWlaU5_0_1P90-bk_JtBFpnO0Zk7YXLdP0BYr9vR6hU5BgF2hQS-6gC7xRQU7rHMdZU34e81usgOoL42LrWdRFa7s5RLY1k07V98om0CLIN94DhRwbMDgtQU6NLYFO2XLhCZHuxhmNl9r1w9_nH27swMdY6d29t2Fgq6b4vClyHSsPMePucq1UWGwe3FZbMfKeu5MVDn4d7lP55AlKDCzVLhG_ICnr0EfMcC4T9vO_CHtjtJSh_IO9AvbhRaVHTcAEs_WP84sC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB5bgjySoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwHyBwQQ774C0ggJCIDhgBAQARgdgAoDyAsB2BMNiBQC0BUBmBYBgBcBshceChwIABIUcHViLTQzMzgyNTY0Mzk2MjYxNDUY6o8Y&sigh=2DM4PkzpUaM&uach_m=[UACH]&template_id=493&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame E666 0
0 22ms
17ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKplIk_6_yiiWEjLdudbiFAo72CYAJhkmgNJD1nyHDNEdRiuPbgC2D-esDXwgPj_2CpKhHvqB-_WKJTybMZnBXlCdMEw
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E666 3 KB
3 KB 21ms
16ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 16:10:44 GMT
x-content-type-options: nosniff
server: cafe
age: 55495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7688947696963022458
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Mon, 07 Feb 2022 16:10:44 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E666 344 B
368 B 19ms
14ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 2965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 08 Feb 2022 06:46:14 GMT

GET
H/1.1 204
No Content impression
ssp.tenmax.io/supply/tracking/ 0
206 B 577ms
305ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/impression?bid=8bdf6a80-87e8-11ec-b501-8f82c9fddd8e&chid=4adfbfaea5ce46ac&sid=5fa8b4358fde4db0&lineitemid=5342308983
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.hinet-ip.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 07:35:40 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E666
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

90ms
89ms

Image
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?SerialNo=61811&Type=12
Protocol: H3
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Mon, 07 Feb 2022 07:35:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame B601 35 B
503 B 40ms
40ms Ping
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@52254091,7004497482567193787,0|0|0|0|0|0|0|0|0||0|1|346|07b79fdc-0d12-4b08-9d4c-a8eaace96ec5_1|0||1|0|0|UVaib8u7l7vi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:41 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 1pcBuxvQw2y.css
static.xx.fbcdn.net/rsrc.php/v3/yi/l/1,cross/ Frame CA4E 59 KB
11 KB 43ms
42ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/l/1,cross/1pcBuxvQw2y.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2afc708ae4750c%26domain%3Dwww.upmedia.mg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.upmedia.mg%252Ff7ad06fe50cb34%26relation%3Dparent.parent&container_width=978&height=100&href=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D61811%26Type%3D12&locale=zh_TW&numposts=5&sdk=joey&version=v2.12&width

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ddcf5079938afa282f4221d58e7dbaf18b4540b4ab5783995a4c5be8c0d6d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pUUtytX8jmucZE9Ftl52eA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 11489
x-fb-rlafr: 0
x-fb-debug: ap06IP6hrkAfN6xD9u+/l0cd1hbVczmjZTKadHSQtOfpjC3YO3KbIe5rwUjr4JWkmsl7BvJqjux4uP9cWvVdMg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 06 Feb 2023 17:37:06 GMT

GET
H3 200 V0h2-P0LqLF.css
static.xx.fbcdn.net/rsrc.php/v3/yJ/l/1,cross/ Frame CA4E 125 KB
20 KB 44ms
44ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yJ/l/1,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9aafdca8db8d8ab1bb303bf8af5a0c1eb26977f36ab4ad6801ef447b7b71daa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wO0Y/fGms0+yI3PlX0dfvw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20381
x-fb-rlafr: 0
x-fb-debug: Azlzt1WTvWB1eO3zKhWYseEI31OyRdIgfTskLW/lufZQzC6P8oOuOQmoEsAP1ySKI3T7euFhIyvKrSkLC+ITyA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Feb 2023 21:45:08 GMT

GET
H3 200 45LapIJFFqp.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame CA4E 307 KB
82 KB 45ms
44ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/45LapIJFFqp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3b095582926d785ec101de15de7cd7310e8c3961a2a9101cf1aac3f90ef2d9dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Iyn3V19JQR8hbEKrIU0XwA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 84331
x-fb-rlafr: 0
x-fb-debug: SlZwpjYjb5lbpRrobLlgotDeqXV6RqdXuRaVwv628trCUi8oDpfykzaTt7KbNJnsLUZOMQgOQmKkQC2ABVUXiA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Feb 2023 17:59:15 GMT

GET
H3 200 YQ0AQWVm93U.js Show response
static.xx.fbcdn.net/rsrc.php/v3i63m4/yh/l/zh_TW/ Frame CA4E 158 KB
44 KB 46ms
45ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i63m4/yh/l/zh_TW/YQ0AQWVm93U.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc13afc32c81c66b102a63a2c672cc4ab9a3338964e3e32c8f17f8cc5ab0db49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2bhhKWXqEwq03/MgbRhLCg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 44995
x-fb-rlafr: 0
x-fb-debug: B2P6i4GDKxVRt2iQZm8eQnRWy9BXLL/dRYLs0aXy7rYg9MCAhy0IiJg0NHS9gmjgMT2irmxiMprWJSaJhVJSEA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 03 Feb 2023 03:26:10 GMT

GET
H3 200 XwBBMjoHXtv.js Show response
static.xx.fbcdn.net/rsrc.php/v3iv3a4/yy/l/zh_TW/ Frame CA4E 1 MB
333 KB 83ms
83ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iv3a4/yy/l/zh_TW/XwBBMjoHXtv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9a99f9f1c9939b5174008575d44dca5c126d7ec9438430ceb3537e354d29e6a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SLQzTSABIkfV/LIMtlhHzg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 341251
x-fb-rlafr: 0
x-fb-debug: Dgq1ht7/7uHQwLoyu0I3miqnzXXV4ht0lqU2cB2fo0hTBA2ASOELPhoccg441dlXxTPhXUKQiPSD7cRJmrceJw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Feb 2023 21:45:08 GMT

GET
H3 200 RICrecDQjt5.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame CA4E 26 KB
8 KB 84ms
83ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/RICrecDQjt5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ce060c4b31136228f92c39acd9a2b4e090d0cdb950d0f68c641cc4f2477decfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /OU5RA0NY50SIBcbFH/cGQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 8493
x-fb-rlafr: 0
x-fb-debug: 4Yo5ZXxCwZVa9qAwnzfwYnxMkU1c8M8tY5JkIE3zlNKg7688QcRPdQKzrG2anHUn/43pimZLGRb/9AUZ3PPeLg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Feb 2023 19:57:30 GMT

GET
H3 200 fkhasSJxDC6.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAHa4/yz/l/zh_TW/ Frame CA4E 39 KB
12 KB 50ms
50ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAHa4/yz/l/zh_TW/fkhasSJxDC6.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb6edda44b62692b7e6c1b810291c46162b99c1f0c6228ab2a187b7d1072d026

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: K85fmOH6FJbURLCYkOa9lA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 11794
x-fb-rlafr: 0
x-fb-debug: MxAlULvjotHI32Fr+vm9coxWBuZ/sZTBr5OK27H2SfIqv4IUx4AU3uCgF60Gpgj0cjuo77BXuREzL9FNGGiL0g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 03 Feb 2023 01:38:07 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 0A59 35 B
503 B 61ms
58ms Ping
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=399385002461958137@@50164610,5227713158226407522,0|0|0|0|0|0|0|0|0||0|1|1|6200cbc80007fb840a77894e7300ff7d_1|||1|0|0|1XQ6f_Wo4z1X7EYoWZQhUcQ4wTZfiEOPFD17YZStKSxiHAOlH8upnskllzAqADQrA7z_uuw_WOM1|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:42 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 VY7VtWIM9fW.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame CA4E 251 KB
251 KB 18ms
9ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/VY7VtWIM9fW.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yJ/l/1,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yJ/l/1,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:42 GMT
x-content-type-options: nosniff
content-md5: VO922XrIvf6dPbMlbETwCQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 257139
x-fb-rlafr: 0
x-fb-debug: F0+ukvvQJha8QPo6RWtElYvjqiIhwPFincbBMOCUmxXmhrooa5C5SIVP1yFGgLi4uGG7tonidwcX62mh2Byhsw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 31 Jan 2023 17:58:55 GMT

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame CA4E 1 KB
1 KB 12ms
12ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:35:42 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1131
x-fb-rlafr: 0
x-fb-debug: rc2jEOBwe4XfT95dQzv4/dBvGVbOBMEcfad1zW5YPZN8iie1KTqFcN/bRKSuji+mNI9XCJ4pD0+Qmfaf5taivQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 28 Jan 2023 23:40:26 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 7830 35 B
503 B 25ms
24ms Ping
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=399385002461958137@@52254093,7338043784151922305,0|0|0|0|0|0|0|0|0||0|1|1|6200cbc8000bea330815433268099418_1|0||1|0|0|AB-mbBkv9ki48M5tcwHHbcQ4wTZfiEOPwYydJHqXu_MA8w8tHMOWlskllzAqADQrA7z_uuw_WOM1|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 07:35:42 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEOD1WJNZ35FjJcXblWEEGr4&google_cver=1&google_push=AYg5qPK3MSecawDYc_hGKp1ta5CAJiDzDwNx4u1_bxgxorT9pcOuV4jGYkkdPDcd5zaW3vx44OFlnaR-Eq1JqJYa76eTaN25wUPU

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc

Verdicts & Comments Add Verdict or Comment

302 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.upmedia.mg/	1969-12-31 23:59:59	Name: PHPSESSID Value: etr75jjpmqjrq0sfu45tpbns9r
.upmedia.mg/	1970-01-20 00:43:41	Name: __asc Value: 1e713ca317ed31c03f3a9d5e1c6
.upmedia.mg/	1970-01-20 09:30:41	Name: __auc Value: 1e713ca317ed31c03f3a9d5e1c6
.upmedia.mg/	1970-01-20 18:14:51	Name: _ga Value: GA1.2.501655294.1644219336
.upmedia.mg/	1970-01-20 00:45:05	Name: _gid Value: GA1.2.1040507976.1644219336
.upmedia.mg/	1970-01-20 00:43:39	Name: _gat Value: 1
.scorecardresearch.com/	1970-01-20 18:00:27	Name: UID Value: 16193e16640b27f9fb927ef1644219335
.upmedia.mg/	1970-01-20 00:43:39	Name: _gat_two Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: YGG4PY9G-aU
.youtube.com/	1970-01-20 05:02:51	Name: VISITOR_INFO1_LIVE Value: EUzCm_Kk5H0
.likr.com.tw/	1970-01-23 16:19:39	Name: uuid Value: f1752af4-fe76-45b4-97c6-f667e0664517
.likr.com.tw/	1970-01-23 16:19:39	Name: AviviD_uuid Value: f1752af4-fe76-45b4-97c6-f667e0664517
.upmedia.mg/	1970-01-23 16:19:39	Name: AviviD_uuid Value: f1752af4-fe76-45b4-97c6-f667e0664517
.upmedia.mg/	1970-01-23 16:19:39	Name: AviviD_refresh_uuid_status Value: 1
.upmedia.mg/	1970-01-23 16:19:39	Name: webuserid Value: 4f02bc68-7ebf-838d-59ca-2f0db5b14506
.doubleclick.net/	1970-01-20 10:05:15	Name: IDE Value: AHWqTUlQ-jhECkm3SfMj7xLEMkP5VtziClV5y2WWjszoNV7iQzEKwQvaeRq8toKZCYE
.adform.net/	1970-01-20 01:23:58	Name: C Value: 1
.tenmax.io/	1970-01-20 18:00:27	Name: uid Value: 8a672260-87e8-11ec-85d3-33027bb8cc15
data.ad-score.com/	1970-01-21 20:32:42	Name: token Value: DDgqXbEHVuXeM-jqg2-TMwTeFkDmDpNc
.krxd.net/	1970-01-20 05:02:51	Name: _kuid_ Value: OpdmeQwX
.adform.net/	1970-01-20 02:09:59	Name: uid Value: 399385002461958137
.adform.net/	1970-01-20 00:53:44	Name: TPC Value: 1644219336818
.upmedia.mg/	1970-01-20 10:05:15	Name: __gads Value: ID=f4b1e5fd6938a7f7:T=1644219335:S=ALNI_MYKsCnRkBuOSFwb4msn5mnwUpqdbg
.advertising.com/	1970-01-20 09:30:41	Name: APID Value: UP8ad61196-87e8-11ec-b702-02a0f9231304
.upmedia.mg/	1970-01-23 16:19:39	Name: AviviD_sw_version Value: 1.0.868.210701
.yahoo.com/	1970-01-20 09:29:36	Name: A3 Value: d=AQABBMnLAGICEFcnqtJp0AY-3QfEtMWWB9YFEgEBAQEdAmIKYgAAAAAA_eMAAA&S=AQAAAgD_k4k1Uu619k1esduqsfg
.advividnetwork.com/	1970-01-23 16:19:39	Name: AviviD_uuid Value: f1752af4-fe76-45b4-97c6-f667e0664517
.upmedia.mg/	1970-01-23 16:19:39	Name: AviviD_tid_rmed Value: 1
.quantserve.com/	1970-01-20 02:53:15	Name: d Value: EAwBCQGxJYEA
.quantserve.com/	1970-01-20 10:13:53	Name: mc Value: 6200cbc9-b198e-bac50-084f1
.adfarm1.adition.com/	1970-01-20 02:53:15	Name: UserID1 Value: 7061868279879628955
.travelaudience.com/	1970-01-20 10:09:34	Name: _tracker Value: %7B%22UUID%22%3A%226FC5842C-B296-4C0B-B7C0-BEFA53598B84%22%7D
.upmedia.mg/	1970-01-20 00:45:05	Name: AviviD_already_exist Value: 1
.upmedia.mg/	1970-01-20 00:45:05	Name: AviviD_show_sub Value: 1
.analytics.yahoo.com/	1970-01-20 09:30:41	Name: IDSYNC Value: "187s~233j:18wq~233j"
.pubmatic.com/	1970-01-20 00:45:05	Name: KTPCACOOKIE Value: YES
.turn.com/	1970-01-20 05:02:51	Name: uid Value: 2745957233872001249
.casalemedia.com/	1970-01-20 09:29:15	Name: CMID Value: YgDLyXMRdudMLMtvMAwOvwAA
.casalemedia.com/	1970-01-20 02:53:15	Name: CMPS Value: 5201
.pubmatic.com/	1970-01-20 02:53:15	Name: KADUSERCOOKIE Value: 9444AC41-1654-423E-9278-269ECD7ECF64
.casalemedia.com/	1970-01-20 02:53:15	Name: CMPRO Value: 1106
.casalemedia.com/	1970-01-20 00:45:05	Name: CMST Value: YgDLyWIAy8kA
.adaptv.advertising.com/	1970-01-20 18:14:51	Name: migrated2y Value: "1"
.bidswitch.net/	1970-01-20 09:29:15	Name: tuuid Value: ac248d67-828d-4362-86f6-21ab3db1cb9e
.bidswitch.net/	1970-01-20 09:29:15	Name: c Value: 1644219338
.bidswitch.net/	1970-01-20 09:29:15	Name: tuuid_lu Value: 1644219338
.tribalfusion.com/	1970-01-20 02:53:15	Name: ANON_ID Value: aPntmIwZcF1eoXarpfrg01huMZalZaeZaDFJYZaaGtmGVkZc7eFFSb2gicUZc3Cp8Rbos86APdUvLOrMfye0AWQbRKM6sPN
.upmedia.mg/	1970-01-20 00:53:44	Name: AviviD_token_retake Value: 0
.tenmax.io/	1970-01-20 00:45:05	Name: wt Value: 1
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379097:2519498
.awin1.com/	1970-01-20 00:53:44	Name: awpv14098 Value: 412871\|1644219338\|8b6c8471-87e8-11ec-afda-2235ec938b8e
.tenmax.io/	1970-01-20 00:45:05	Name: pb3 Value: doubleclick
.tenmax.io/	1970-01-20 00:45:05	Name: ul Value: 514624859
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: d2xt5v2dfljme00gf01lwnfv
pb.media01.eu/	1970-01-20 18:14:51	Name: DTU Value: 345C9429F00E50C19E40AFF7B77AE1E5
.tenmax.io/	1970-01-20 01:26:51	Name: x_dblkuid Value: CAESELahnQdkeYHH1Bw0bNRazik
.fg8dgt.com/	1970-01-20 18:14:51	Name: tuuid Value: a7bd48f8-70d9-41b3-a978-44115e62ad98
.fg8dgt.com/	1970-01-20 18:14:51	Name: c Value: 1644219338
.facebook.com/	1970-01-20 18:14:51	Name: sb Value: yssAYlId671AVH-bvq-fUdPd
.facebook.com/	1970-01-20 02:53:15	Name: fr Value: 0xkFV4UAlHljiEabg..BiAMvI.py.AAA.0.0.BiAMvK.AWWD0oPP028
.fg8dgt.com/	1970-01-20 18:14:51	Name: tuuid_lu Value: 1644219339
.doubleclick.net/	1970-01-20 00:43:42	Name: DSID Value: NO_DATA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.upmedia.mg/css/images/bg_dragonboat_pc.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgDLyXMRdudMLMtvMAwOvwAABFIAAAAB&google_cver=1&google_gid=CAESEMnjB0OXnFSHAmmtUZzHjNY&google_push=AYg5qPJ40pw3MV1WnTW5IAA3iNBABTL2qD7ahQK5tqx7E6KzMk5rSU0_G1Yjoa2Z-a67Bh0sEqrdcYQHaOBn9NpDQz8LeqopPgc Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	warning	URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

889d10e83f292ac4ee6083347361810f.safeframe.googlesyndication.com
a.tribalfusion.com
ad.turn.com
ad4m.at
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.pvmax.net
api.webgains.io
as.ad4m.at
assets.ad4m.at
auto-load-balancer.likr.com.tw
avivid.likr.tw
avividone.likr.tw
beacon.krxd.net
cdn.ampproject.org
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
code.jguery.com
code.jquery.com
connect.facebook.net
data.ad-score.com
dmp.tenmax.io
dsp.adfarm1.adition.com
elephant.likr.com.tw
eus.rubiconproject.com
firehose.ap-southeast-1.amazonaws.com
fonts.gstatic.com
global.cloud.netacuity.com
go.trvdp.com
google2waycm.netmng.com
googleads.g.doubleclick.net
image6.pubmatic.com
imasdk.googleapis.com
jp-u.openx.net
lh3.googleusercontent.com
load-balancer.likr.com.tw
m.fg8dgt.com
p.adlooxtracking.com
p.trvdp.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel-us-east.rubiconproject.com
pixel.advertising.com
platform.twitter.com
prebid.andbeyond.media
prod-rtb.ad4mat.net
pubads.g.doubleclick.net
pv.medialead.de
pvmax.tenmax.io
r.turn.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rhea-cache.advividnetwork.com
rtbcdn.andbeyond.media
rtbpass-us.andbeyond.media
s.ad.smaato.net
s.tribalfusion.com
s.trvdp.com
s0.2mdn.net
s1.adform.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssp.tenmax.io
static-de.ad4mat.net
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
sun.advividnetwork.com
syndication.twitter.com
tenmax-static.cacafly.net
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track.webgains.com
ups.analytics.yahoo.com
vid597.trvdp.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.upmedia.mg
www.youtube.com
x.bidswitch.net
cm.g.doubleclick.net
google2waycm.netmng.com
104.111.239.217
104.117.200.100
104.244.42.136
108.128.127.158
108.157.4.80
13.32.99.94
13.76.34.51
130.211.115.4
142.250.186.34
145.239.193.130
18.66.97.14
18.66.97.9
192.124.249.65
198.47.127.19
2.19.35.65
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
211.21.190.218
2600:1901:0:76b9::
2600:9000:223f:400:3:7e1c:5b40:93a1
2600:9000:223f:be00:1b:5138:8a40:93a1
2600:9000:2251:1c00:d:3c0f:bcc0:93a1
2600:9000:2251:6600:c:41fa:6240:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:2a5e
2606:4700:10::6816:3bf9
2606:4700:10::6816:4a44
2606:4700:10::6816:8ee
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700:3034::ac43:baa1
2606:4700::6810:135e
2606:4700::6812:c05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:801::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:809::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c03::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.122.65.14
3.126.56.137
3.66.195.154
34.107.213.174
34.107.231.31
34.96.95.4
34.98.64.218
35.156.156.223
35.186.245.165
35.190.0.66
35.190.46.27
35.211.141.197
35.211.178.172
37.157.4.39
37.157.5.72
46.236.13.147
52.119.184.70
52.222.214.49
52.76.199.242
54.174.237.181
54.213.59.33
54.72.0.164
54.76.155.32
69.16.175.10
69.16.175.42
69.173.144.138
8.43.72.98
85.114.159.118
88.198.250.30
008209f62c2753c17627159e7b23947a4dc6254162b9f1165443bb62e2de1e2e
0125bea16a83a08016d5d52d6d30a8ba9f334d507f4977b36c981ece39e53d0f
01a7819541d3a41501fbdd0897420e84dbead38cb1e0f84b459414cddd97f9a2
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
05e7681f1d0e7dc45e751a6506773483c3c401ddb0dc9e9bbe39af7c7d57d4f2
0808dc2d2a687e420d40b158c5f88ff5241c36d014c36ee586744cfb9c5ed47e
0a1be9981c0d8e130ef5bc7fecac75fb26a7428b9e91a8faedda343db76f2a6a
0a3d695e561ce2372a5a2a0a99c94b073691a630025ff56728e27701bb148c32
0a4f6bbc3f8a2317741fac36da2b33069fd36fc14574f1badad32fb276f442c4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c0084cfd1cebbbd3de8d057d0c43f0afe6851d69e0d69ee5bcfcab513c89d39
0ddcf5079938afa282f4221d58e7dbaf18b4540b4ab5783995a4c5be8c0d6d3c
0fbc3565f7e014078a89d17b85e8e0aea97fe35dfae6b92984265195fa86d092
101df151aa008e88d6f4e497cc3558f63d2524f788e46e3e3a109a4620aff141
10a7e524db359a94a66ea75b97e81a52932f0e10a04deabb49fb73ec5d038946
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1401992f2de25018f3ba6db7a52c76dba5904e3a8381e83a2bb6fef5eb25ea06
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
16eeb4e3f9643a223810ecc0a37e99dce1b1d47f54274aa9c04a2e55f167c0c8
17d21e03f410ca5abbd70c83687c96768a873e35a86c69a99aba6e0f14eb0df0
192742672a5a9bb357b5b6d1d8a850e838634ac7ce9f5647472a74cc9ac0b759
1977ae2b50845838a0f0848012e1d2bb312a7a760bc7427c601305531de0d2d4
1d19f579a751135f28b74fd10b3e65d547a221d2fe7546be246d99125aea7c04
1d21c2081bffbbc75c4bbd7a0dfadd849be0b37ab0069baae002446d04d16edf
1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479
20d1b3e68226539ee1befa4e362c8be95c062686cc9556d422135c9df7cabcb9
217e572ee9167a742ad31a9438ae0435df4b330767ab52553314e1b6a546d3d4
22e641c19e2deab3ff8d58f8c7830b38c22278aef37fdf0cd44006789be1818c
250994b91557fb39d6354119f4fdc7f324f7757faa7c3012a74e3689978dd167
254cdbcb4f52ac1abdd3921b472cc8f90b0a5bf6bcd6db02e255fd409e6d4c12
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a
2677a9e641a6705292e1c0cfc94317ab2ad70a607ff8fd52ed5dd99721acc6ac
2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
284420fd70bbf14ac974f7500fc85d2f82bd1bba50f9d122a910261fda74d0bb
294b0c2e3ec3edc89ec51dcef5ef2e099b3111a0634b2e7121cd249744d39b3a
29a44a78fbbdccc9532915b8c963143900691d86fe08986ea2ee11d6880431ad
2a6c2ee6907e4997f221a2a46bf8faee0eacec736d54a6973a311876db5f3aff
2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787
2db7835e3d3277f3ff45747ab2aad2a143266c5e1ae81b5338784915c57facbc
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea2cef2fd04e1bbc69ebc2dd378d00da564ae8517a7c14869cc7abd534c5714
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fbeb7dffd2901499dff2d98c2e9ed89996a5f276b2b4a3224f4db87a9606b8d
2fdaec32d631dd64fcaf6da94fa565b49ca2861dfa33280045d9ed3547bc336b
311cf3a7782168ebcc0f85de83dc1474072fba0e835e3a5a565c5061c4d7a4a8
313125653c6eeb4f0021e65e50e37c36203f0be5b9781f702a1e3a198a40c2b4
3155cd449a2085846e620747cc4f30dbf639cfcf5f4211e1c7224043e8806d45
3307c83dc14067def96427d5947df8a6a9f4231904925c9152cf04312a1df38d
35f4192951a6c9536f165e7e3572304b0fda4d2e7cf33bb5001ac096896c36d6
36cef33509352a3270cd0b60a57473f4599faa2361e5390210a4cf9e2554f271
371ad158bdcebe56a0a9aabba13412221715717eb6fb26a13e16026e2844aaa8
39785e11f5691152f2df6618fd7ec32f634ae712fd72cbdd9e5e5e951b45c5d4
39f5f2a1a942b402320f5119fabd30be57d0fe61b9ac02f16b6218d9d278c97b
3a59fc0dd7badbd25ef4d8d9d8ddc9c91e456c9cd5863ff30fdade102b62f869
3a981a7288749d6367a3c453280a7d1243529579a45366d25afbfe3375edb91a
3b095582926d785ec101de15de7cd7310e8c3961a2a9101cf1aac3f90ef2d9dd
3ba9bc87468945de75738afa5b8b5a22a20d8e46f22e40e6b55a8a88d9d032bf
3c0f5260093d770d9f37b112bc019f2f9e71984903ab4b11ba27890e9019e2b3
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002c8bd93674c5c6880070a5b8a6f6a2bcc21b2101ccee15ebb972b572ea6e2
40f47febdff0bfb793258ef69cb4cb5f53d9d4a3c5e3cba05fec39c413fc7ab6
41c5eea1f77978efdb0084dfb91c4ace1bc8fc67a5ffaafb99a77fadca7d84ea
422abaab4fd6f80dd4dac0dfd1900512e37bdefe560de6a6e12921248a82e8c1
42a7a8707a6917c666777176ba2c4a9ca6d88ff10e9cf6ddf4932ff05261f067
43b8924e1838709ed3c11df6d5de135cf72acbc72d0628f5299964dd3ba24aab
45161f4b388b7f8047e0fb82dd210e670b93161a18b07b61ed3604de212d9063
46b398a342a9e3ecad72ae77c744cf397f67614ca4a6f5339fea677c3243df02
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c66cf58bddf9101dd5e3d83235728a64c8e7ef7032c4bcbbcc91b8aa7dcac18
4ef78091d8ec82bc91f8d492162c93bf5e4f10918aec5a02f91d6bb510e0c875
507a19ae6989fd73b8c9524defd67e2067826678655bb73a195b1b89cccc9d8b
519eb98dcb4e16d19e91185a49cffd292b3cb5506cdbff0448583ba639b836a0
523a5fb369d89cf63830b479941136c43333a1b5de77501e936efe6a7b4761ef
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54bea01752aad016728dc9cf12165895352175e9a6e6f671c81c3f53f89dca58
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55430db3ae14cc7856891c023050bb1f60e0152cafb69adfadaa8a3e3ea3a258
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56194001dac6cb197d9bb1f8583c2959743d39e6b3aa12c7fbef3d7227912f8e
587d78ee993140dcfa279510b69b9c1a840e43d0da96f51fbbd32ae711cad262
5b3addc547dac418834534d301220ea7110d0d0ac1afdaff4d3bb095ec96389f
5ba1cc8ace5bd2f8b0b185898e42649829fd86f1c1f270d3596f3d41ae4c34f5
5dfbe2824e8570836764f31690817eb342f6a2605e0d93e74c497d1aa8ea9249
5e7df6c60a179d2271ef21754dcd1616423c59bba9164972968ac72c17aed020
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5ec06962acf846468c67189c9b5cc911c6071a2a9f8f366fc2db941a65f485fa
5fdffe46c571b0b392a68f61772f38210b2172738fc1dac3be70794daefebf6b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d12a30821faa42787b965b89f1b2a17f99ab6b8297c2ec1eb570a3471d24da
6318550f5912b8080b39aee5a2ecb0981b2a71316e89ad74c283bf1797e7bdfd
65afaea4082ad768c0ed8556a78d1a2e3f9d555b7f599ff9680da3fc2dd2e11d
65bcfc9ceb55065bb35662773a522fb15fc9653423574d23dfe68ea983e20b7d
6785473e049e821b09e334869ce33fab0034b510485238f097fcdbe66acef187
686bf47f13cf623a6c794e60f72c31709c3fefdfc9ac0427c4e66dba1807522c
6992d83fcac1c28fa9b9c3ec90974607559550e5f92eb6074452936f0e2686d3
6b02fa45218625795d89950fd645838c8c4d7f6cb7f893fef9a8e191bfb204af
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6d5b2484855a69e76d59cf2e5e518df99515b786e57ee5fa929b0e5cb478e57c
6edd68731e514566c05a3e9332505817102a8b5db834a80176856647b4162ad9
70270e26cdc41ff47602e2bcdc1f24d740da3330e6466cd472c24b6821e93885
70ba07fd6d1fc71cc98aae93fa37effb594720b42297251546fa2e99c6be1b1b
70f9df229f790b8ed4fe768fb42e0c77a3e90526d8253a7ad15d977a551bce22
71c96af12567c3c09cbe6d4b1172b5e11ffe3c2d7a7a37aeb70ef790a66dd6db
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
746b935a49e1d40e7ff29603f1c73404976236e3fffd86300333ad294f3206f1
75986583bbe7f769523056315a3a9db0ed04e05520baa7ac354ba9936d0866af
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a5f188495a436ba18ae9de859cb124d7de92ad63eb176884f3a1edd040e0a34
7da7718bf81eaad9e51fa1ed9cdd920bbd001a672891e4632861d33cee253776
7ea8a16a61f5625dd76ee52847e1510a60a5b2ca99bcc3083503e298f1614bac
7f523921b7e888f3e482e56d75c93f14b76dd9a20decf4b8f37d2a9542abb5cb
80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
81e61bca44ce704ce0bcc94b5af8f54a474b74d5ef8c4f49f97779b2d23ca161
82a463a0caf7fe5469197d58dc03113d5bebaecbaf858c0355958ae47f71bd26
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f7ae3b6cc221f09245207c1a643d267580bf13331fd9f8173539ece95522e8
8467a8357349298073591bd163beabc28e27331b03e6dc9bf7f9d2a66757bf7a
8541db75495eae1c9fe4b084f2f561a2576779940cc4afef906cafa6e5997321
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87543d1da4519be0b4f45e186cf920bf53ea32c739199b7349052f8debe10d89
88ad7b3ce8deb6a240b1fb08e6d495bed0c6211a84ccb396fb9918bf2a791d7d
892965e2aafabe1b97fd6b5c84c9c3fa630b48d1ed90400cfe69bbdfaf28dc15
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8f07ec3f0f12595bc6d0feb1efeb25ab8ffd8171f44c90245abbe9aaaf898f14
8f6c161e6bdd3cb70544349f6fef7294814ce998ca62844a15a3840085389ad7
90ec3ba9d138d52be29a3693995d6e2aca5e0a85d5e8fd4a46e58b62d44f3b37
936a96afcde77875ce1b932be875ad57396d7b54dafdc05a190c994d14112630
93afb81d346b0114e1ea6edf6e4c9789481cea971f9b3a06cf7b7eb488ba05e1
9628a65b1c9f6d580d18b1025e5224cfe10f21c66b73ca8763ba674ab7be814c
970039be8affcc2a4784a06e910565bd7511b6743376371298fd01b91e417223
985ecf47e94361c366e2521124bf5c5ac81b8016252ef1813b8dce0e91639027
98611fb5fb431ae9e99a4a7874cb10a31a77e7203d94fa89322dab12b2d97c66
9989098fc1c049b13c07bad2cec13bbcd51a6b330a20aad93b21d99220366a60
9a14fb9bd4e426e21de3096c2c248cc3be38d0eb46ff3cd62b8e8ae54ed4501a
9a59c5e5bf506c979d9baf8521375edc46c510007ea428f877717bdf90a81528
9a99f9f1c9939b5174008575d44dca5c126d7ec9438430ceb3537e354d29e6a2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aafdca8db8d8ab1bb303bf8af5a0c1eb26977f36ab4ad6801ef447b7b71daa9
9f5ddf54b7227d86964934f2780bfd89f8ad61b282d9807d96d54617383be52d
a003c063a2d3c1526d14237e09e79a2b13e01d2a10d57b236a9a3f6b8d37d4f8
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e0b560582212b6d76aea660a09ce3bf9782df4d62a265d73e87cf1075d4d96
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a30b2e4dc3ebbd7beac019d3b53cc44239304f0c1b1a1f501298385ad340cc0c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a5c2876e359f0a8a54de826bb50798df74b46f6943a6d855fc65c49e2c1c6a34
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a750ce5d847c5f88dd3c2f5484fa9bfb61c350786f1f9e38474ff0dcc77710c9
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
a87fb04a70fe7364bfc54b0da0da83529966d989451e5a1f4e1d97473c0a0ee3
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
a999f1fec5154e3a48310ffb125352a4a0d9d42567b071568f26ff139de5ed89
aa14829e861296db467dead809a3a112bab4bcb3e619e9248e3d148dbde9de7c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab40bc14232d4b94dc250241de7f3df1e175cd9fbf76d43b75f08fbe158bf83c
abfca4e99921285b4c8f134ad1796acc42945a3c71fa1adc8467c0aed83dfe46
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aefc8e50742cf3f1a28c9eef6522e3d3b1e573af55a387b23015ed965df8d948
afb98097980721208768ce622a4e9cafbce2e73547eec2b42c5308b1f3d5f884
b161a452760e628e5d4e19573320eff7833f5da41a399d8fe332dcf191a49afa
b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
b4dc6c436b230432acc620cf498374ec82ef0aa89a3b8e0dec06cc814d2a3181
b653f2d721b7be044661fd5a3bd2e3bbe9b82498dba0ad46ecadc25c31601e3b
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
bc13afc32c81c66b102a63a2c672cc4ab9a3338964e3e32c8f17f8cc5ab0db49
bf16629dd98e4bb51ebb72d91e9c3acfa8265ade602eabee8282e8f38accc02c
c0c71676fd900840c2698979462826c6b244e220f06bd8a1622cd1d23986ce3c
c10d2ca03db89e32aea5a917dd71ae0b1e5acfddccf80494a33df642e954d458
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c287fda21fe692127e9bcbf16dd92dd62edcbe10a0e2b52957a258ddabcc37d8
c3e0fc205ad46e9fa2364a2b71a69279d819abe128a489987e3aeb458612e441
c54e111bed9a6b263d07353f9ebf6a36df763e9d450fed644e185a52d15e6664
c55a101364d331430c4ba7388d8842f29cdf1546a4d497b235d02c86637a3247
c67f5533a52e08a12f9d0bcd325818bc0edc0646afdc68ee1b655375432ab6b1
c6c2b7bab05f229d52688154dfee125ec9dbb30500c940e028eea8796d4d0124
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c76cec18a32b6e1b3beb109e20039399f107af3caa981e4cdc2b6d6ac2cf7d6c
c7defa0223f732449276a5e5dc9b8928f053c24c9edede57b6134560207ebb85
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca53103d383d18a92eb0f454ad90c2ef7edca35ac8c017cd700a3ac7ca2b3dd3
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cb6c780528ee77d8207d086ddfea7d4158f2e024584dd31832801328b3ae0707
cb6edda44b62692b7e6c1b810291c46162b99c1f0c6228ab2a187b7d1072d026
cc05e9f04683682906d0ad443881bd19fce83e240bbaeeb6ec814ce757204ee4
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
ce060c4b31136228f92c39acd9a2b4e090d0cdb950d0f68c641cc4f2477decfa
ce7e5db9f00c0c970069c4d160e5527174f843f9eec79676c505953e5b4718bf
cec6b6ad4d53f4c3390739f35ce07346303e7113b724fc8a3cae4a7efe3a1e67
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d318018d6f6a7de9cc5e37af102ca016cc1ef619c093d3447f6735e674caba35
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5
d5b585fa33bbf00e29420d3306dd6aa96e58a91060b9854980f9e057dbae16a7
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d80f6ec3a78924d5f5276bd680cbfb9dd37879691c648dc14755cb3d9c5bf3b3
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
dc0d73c41dbec615509751bcd61f60533890e105f419fc50e1143f9395ae5227
dcd89d1c043925d2a95d045bbe68dccdfbbe4c1507f4d16b8ec798c13ade4862
dd5052a42ab2a20dd0fe4a4fa07d9b8a13419473e7b93fac40a915f526745f23
dfd68e03d7b553507febb49143ed808b0cb300d962a6203781b4735a678dcef2
e14a47af6697d522e9da6e3a944ae8503d38e81abdaf2c0e245aa4f54934aaaf
e1ed332112466dd48d0ce36435c780728b5a2663ec3a27203b410b9c1b4e820a
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e36c717f592ad349b99b164864ebc584f11f5a6f760c19b88184c34cdee12dde
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7aca552b0dfb702f610cfeb2c59025a6d1baa886dc228721a102808ddb54e5e
e98570a175218d747c7a1bb83fb065c6bd93ab57ae63cb08bd445501a82e4d10
e9c2ea51112f76d8a1d637d680db5d0d0f662744e0a28dd950fe262fc3b08e91
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
ea3bc8af6678d38415f2da755b0062dfe5595482c18040c1b2b411667946eba9
ea9a7cc743f85d8125ace5b7f7dac003957cde3ee374e88d560acbab98317885
ed5e0b23e098a4b9bee661a904db54dd8bcdbfce9438db83298465431b14a9ab
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ee1229a3684a04d2778613d1e3e827d6ccc9b332b2359a9b5e2372381435071d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0339e334c077ff7d80ddbcb9b2a170b6b53928c63e4ce0c1c904f60c514c33c
f092d56d7cf0d6afcd9e76c8538638f13ca61e1a96508f279abceded94d84246
f1bfa171ebc2afeb7dfdc3740255f624e6ec93b59abef341d8bd531799672f41
f1c2df328b04c0db753d3f12631a5f032c7475f69daafe966392c70ee078e39d
f391358d52bc90c43a751754cd67a3ef99319b67a9bc4153c248df8830f5e466
f6b32f5820acbfadd372e59d7a06cd93b7d2f080aa6008d1430fe51bb6203d48
f7f0ab9cd528d7c7472d26a2f9f73cbe20cea0a5a9b8ad30b38a3bc878ea43e3
fa70ba5d38e5e05f0befc6a7e1b3e6c790d5c402cfe43677547c712a092bf864
fb908a6b893a5ad58cab0a290445411258f8dfe5433928b5d676cf031bda8d83
fbb5a700094409ba321ed63b2d293f1acb6934c15c4999fe206ba553a1ceda12
fe20a993ae539a56ec5c5f6e9991a77eb9874de4aefb05e91addf16e10142a8b
fe3b65a64c2e2749b48987bc14fe3c15a89a9fa5dc98cf1b2ca63e245e631178

www.upmedia.mg Open in urlscan Pro 192.124.249.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

360 Requests

94 %HTTPS

46 %IPv6

61 Domains

94 Subdomains

75 IPs

10 Countries

11530 kBTransfer

19542 kBSize

62 Cookies

24 Outgoing links

Page URL History

Redirected requests

360 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.upmedia.mg Open in urlscan Pro
192.124.249.65 Public Scan

Screenshot
Live screenshot

Full Image

360
Requests

94 %
HTTPS

46 %
IPv6

61
Domains

94
Subdomains

75
IPs

10
Countries

11530 kB
Transfer

19542 kB
Size

62
Cookies

360 HTTP transactions
6 data transactions